Surge of malware activity recorded in Kaznet
Astana. May 4. KazTAG - A surge in malware activity has been fixed in the Kazakhstani segment of the Internet, reports the computer incident response service (KZ-CERT) of the state technical service NSC.
"The service KZ-CERT has revealed about 200 online resources containing malicious software in the first quarter of the year," reads the report.
“The threat of Win32 / TrojanDownloader is capable of downloading other malicious software from the Internet, launching executable files and executing other malicious commands. In addition to this, this Trojan program is able to collect information about the user's data and its system unit, the list of running processes, the installed anti-virus software on the victim’s personal computer, and transfer the data to a remote machine. After fraud, the threat is removed from the infected computer on its own, " reads the report.
Another threat is Win32 / Filecoder.WannaCryptor.
“This is a trojan encoder that encrypts valuable files, databases, mail of the victim and then displays a ransom request for restoring access. The scale of the epidemic is due to its combination with the EternalBlue exploit for the Microsoft Windows network vulnerability," reads the message.
It is noted that Microsoft a released security update MS17-010 against vulnerability on March 14, 2017.
“However, the proposed patch has not yet been installed at all workstations, which has led to the massive nature of the attack. Unlike many encryptors that are distributed in spam mailings, WannaCryptor has the ability to "infect" workstations without the direct participation of the user," reads the report.
Photo source: picture from an open source