Sign In

Communications of the ACM

ACM TechNews

Newly-Wormable Windows Botnet Ballooning in Size


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
Artist's impression of how a botnet spreads.

Researchers say a botnet targeting Windows devices is rapidly growing, thanks to a new infection technique that allows the malware to spread from computer to computer.

Credit: Bryce Durbin/TechCrunch

Amit Serper and Ophir Harpaz at Israeli security firm Guardicore say a botnet targeting Windows devices is expanding, due to a new infection method that lets malware spread between computers with weak passwords.

The Purple Fox malware attempts to guess Windows user account passwords by targeting the server message block that allows Windows to communicate with other devices.

Upon infiltration, Purple Fox pulls a malicious payload from a network of nearly 2,000 compromised Windows Web servers and installs a rootkit, keeping the malware latched on to the computer while complicating its detection or removal.

It then seals the firewall ports through which it gained access, and produces a list of Internet addresses and scans the Internet for other targets.

Guardicore said Purple Fox infections have soared 600% since May 2020.

From TechCrunch
View Full Article

 

Abstracts Copyright © 2021 SmithBucklin, Washington, DC, USA


 

No entries found