The evolution of the fileless click-fraud malware Poweliks

April 26, 2016

In a world of file-based malware, Poweliks stands out from the crowd because of its nature as a fileless threat. It is innovative in its ability to persist by deeply embedding itself inside the Windows registry. Poweliks uses a number of tricks to hide itself in the registry, using a naming technique that makes it hard for users to find and remove its registry entries. It also uses CLSID hijacking as runtime load points in the registry to launch itself on reboot. Poweliks even exploits a zero-day privilege escalation vulnerability to help it take control of compromised computers. It is interesting that, despite these advanced techniques and innovations, the creators of Poweliks are just interested in running a click-fraud botnet operation to earn money from ad revenue.

Spotlight

ViaTek

ViaTek is the premier Information Technology business partner in Colorado. We offer all the services of an in-house IT group, from LAN and WAN installations to server backups to security and malware removal, without the added costs. Our strategy of providing managed services for our clients keeps networks safe and hardware running smoothly. Our team of experienced account managers is committed to providing you with locked-on service, an uncanny ability to solve problems quickly, and even a sense of humor once in a while.

OTHER ARTICLES

Coronavirus malware roundup: watch out for these scams

Article | March 18, 2020

With so many of us hunting out the latest Covid-19 info, it hasn’t taken long for hackers to take advantage. So first off, a basic hygiene reminder: Don’t download anything or click on any links from unfamiliar sources. This includes coronavirus-related maps, guides and apps. Here’s a closer look at some of the specific threats that have emerged over the last week or so. The DomainTools security research team has uncovered at least one example of a coronavirus-related fake app. The Android app in question was discovered on a newly created domain (coronavirusapp[.]site). The site prompts users to download an Android app to get access to a coronavirus app tracker, statistical information and heatmap visuals. The app actually contains a previously unseen ransomware application, dubbed CovidLock. On download, the device screen is locked, and the user is hit with a demand for $100 in bitcoin to avoid content erasure.

5 Benefits of Investing in Cyber Security & IT solutions in 2021

Article | June 2, 2021

Cyber Security has quickly evolved from being just an IT problem to a business problem. Recent attacks like those on Travelex and the SolarWinds hack have proved that cyber-attacks can affect the most solid of businesses and create PR nightmares for brands built painstakingly over the years. Investing in cyber security training, cyber security advisory services and the right kind of IT support products has therefore become imperative in 2021. Investing in cyber security infrastructure, cyber security certification for employees and IT solutions safeguards businesses from a whole spectrum of security risks, ransomware, spyware, and adware. Ransomware refers to malicious software that bars users from accessing their computer system, whereas adware is a computer virus that is one of the most common methods of infecting a computer system with a virus. Spyware spies on you and your business activities while extracting useful information. Add social engineering, security breaches and compromises to your network security into the mix, and you have a lethal cocktail.

Webroot: Widespread Lack of Cybersecurity Best Practices

Article | April 7, 2020

A new list of most and least cyber secure U.S. states shows a disturbing lack of cybersecurity best practices. According to Webroot’s fourth annual ranking, New York, California, Texas, Alabama and Arkansas are the least cyber secure states in the country, while Nebraska, New Hampshire, Wyoming, Oregon and New Jersey are the most cyber secure. Tyler Moffitt, Webroot security analyst, tells us none of the states had an average score greater than 67%. Also, there is very little difference between the most secure and least secure states, he said. No state scored a “C” grade or higher. That underlines a lack of cybersecurity education and hygiene nationally. However, the most cyber secure state (Nebraska at 67%) did score substantially better than the least (New York at 52%). “This score was calculated through a variety of action- and knowledge-based variables, including residents’ use of antivirus software, use of personal devices for work, use of default security settings, use of encrypted data backups, password sharing and reuse, social media account privacy, and understanding of key cybersecurity concepts like malware and phishing,” Moffitt said.

Guide to Cloud Security Certification: Which Ones Are the Best of the Best?

Article | April 27, 2021

As your organization looks to move to cloud computing, security certification will become more critical. Cloud solutions have unique security considerations that are different from an on-premise solution. IT professionals that are managing these solutions should be well-versed in multi-layered protection, encryption, monitoring, and more. Not only is certification important for your own IT staff, but it should also be part of your recruiting strategy. Experience combined with certifications can be invaluable for protecting your cloud environment. You want to ensure that the data you store in the cloud is protected from security threats.
