by ILH Staff
Hackers breach servers of over 1,300 organizations to mine digital currency and collect information. Guardicore security researchers Liad Mordekovitz and Ophir Harpaz identify attack, and Guardicore puts out recommendations for cybersecurity chiefs.
A global cyberattack launched last week from over 1,300 locations was exposed by Israeli security researchers Liad Mordekovitz and Ophir Harpaz from the Guardicore cybersecurity company.
The main targets of the cyberattack were servers of companies and organizations in the health, tourism, media, and education sectors, including hospitals, hotels, schools, and government agencies, mostly in the US, Vietnam, and India.
In all, the attack targeted over 2,000 entities. Hackers used the servers as a base from which to cause harm to additional companies, decentralizing the attack to make themselves harder to trace.
Servers breached in the attack used Microsoft's SMB protocol. The attackers created a "backdoor" that allowed them to penetrate the servers repeatedly and sell the access on the dark web. According to some assessments, every compromised Windows server is worth hundreds of dollars, which adds up to a significant sum.
The purpose of the attack? To harness the servers to mine digital currency, install Trojan horses, and collect information. The hackers were also able to employ advanced methods of eradicating other hackers' malware found on the servers so they could have exclusive "use" of them. The hackers also took care to delete their own files after use.
Guardicore researchers published a tool that would help heads of cybersecurity identify whether their organizations' systems had fallen prey to the attack, along with recommendations on how to protect their systems from similar attacks.
Guardicore, founded in 2013, develops a software-based cybersecurity solution that is detached from a physical network. The company describes its offering as a "faster, more cost-effective alternative to firewalls." The company employs over 270 workers, over half of them at its R&D center in Israel, with the rest of its personnel at sales and support offices in the US, Canada, South America, India, western Europe, and Ukraine.
Source: https://www.israelhayom.com/2021/07/06/israeli-cybersecurity-researchers-expose-worldwide-hacking-scheme/