• Money & Markets

Kenyan banks among victims of fileless malware attacks

by admin
June 12, 2020
in Headlines, Economy

By Eric Nyakagwa

Eight Kenyan institutions, including banks, and six in Uganda were among 140 enterprises in 40 countries affected by invisible memory malware attacks.

Others are telecommunication companies and government agencies, according to Kaspersky Lab’s Global Research & Analysis Team.

The hard-to-detect malware steals passwords and financial data.

According to the experts, the malware is not found on hard drives as it hides in the memory of compromised computers, making it almost “invisible” as criminals exfiltrate system administrators’ credentials and other sensitive data. When a targeted machine is rebooted, nearly all traces of the malware disappear.

“Several months after an attack the analysis of logs becomes a gamble because they are rotated over time. Hard drives store a lot of needed data and, depending on its activity, forensic specialists may extract data up to a year after an incident. That’s why attackers are using anti-forensic techniques (or simply SDELETE) and memory-based malware to hide their activity during data acquisition,” the security experts say in a report posted on Kaspersky Lab’s website.

A good example of such techniques is Duqu2. After dropping its malicious MSI package on the hard drive and starting it, the malware removes the package from the drive by renaming the file and leaves part of itself, with a payload, in memory. That’s why memory forensics is critical to the analysis of malware and its functions. Another important part of an attack is the tunnels that attackers install in the network. Cybercriminals (like Carbanak or GCMAN) may use PLINK for that.

“Duqu2 used a special driver for that. Now you may understand why we were very excited and impressed when, during an incident response, we found that memory-based malware and tunnelling were implemented by attackers using Windows standard utilities like ‘SC’ and ‘NETSH’,” the security experts say.
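
As an added example (not from this article or the Kaspersky report), a defender could triage process-creation logs for the two utilities named above. The patterns matched (an `sc create`/`config` whose `binpath` launches a command or script interpreter, and a `netsh interface portproxy add`/`set` rule), the rule names and the sample command lines are assumptions constructed for illustration.

```python
import re

# Constructed process-creation command lines (not taken from any real incident).
SAMPLE = [
    r'sc.exe query wuauserv',
    r'sc \\HOST-PLACEHOLDER create SvcPlaceholder binpath= '
    r'"C:\Windows\system32\cmd.exe /c start /min powershell.exe -nop -e <BASE64-PLACEHOLDER>"',
    r'netsh interface portproxy add v4tov4 listenport=4444 '
    r'connectaddress=10.0.0.5 connectport=8080 listenaddress=0.0.0.0',
    r'netsh advfirewall show allprofiles',
    r'netsh interface portproxy show all',
]

# Optional quoted/full path, then the utility name, e.g. "C:\Windows\System32\sc.exe".
EXE = r'^\s*"?(?:[^"\s]*\\)?{name}(?:\.exe)?"?\s+'
# Assumed pattern 1: a service created or reconfigured (optionally on a remote host) ...
SC_RE = re.compile(
    EXE.format(name="sc") + r'(?:\\\\\S+\s+)?(?:create|config)\b.*?\bbinpath=\s*(.+)$', re.I)
# ... whose binary path launches a command or script interpreter.
INTERP_RE = re.compile(r'\b(cmd|powershell|pwsh|mshta|wscript|cscript)(?:\.exe)?\b', re.I)
# Assumed pattern 2: a port-forwarding (tunnel) rule added or changed.
NETSH_RE = re.compile(
    EXE.format(name="netsh") + r'int(?:erface)?\s+portproxy\s+(?:add|set)\s+v[46]tov[46]\b(.*)$', re.I)


def triage(cmdlines):
    """Return (index, rule, detail) for each command line matching a pattern."""
    hits = []
    for i, line in enumerate(cmdlines):
        m = SC_RE.search(line)
        if m:
            interps = sorted({x.lower() for x in INTERP_RE.findall(m.group(1))})
            if interps:
                hits.append((i, "service-runs-interpreter", ",".join(interps)))
            continue
        m = NETSH_RE.search(line)
        if m:
            p = {k.lower(): v for k, v in re.findall(r'(\w+)=(\S+)', m.group(1))}
            detail = "{}:{} -> {}:{}".format(
                p.get("listenaddress", "?"), p.get("listenport", "?"),
                p.get("connectaddress", "?"), p.get("connectport", "?"))
            hits.append((i, "portproxy-tunnel", detail))
    return hits


if __name__ == "__main__":
    for hit in triage(SAMPLE):
        print(hit)
```

Read-only commands such as `sc query` and `netsh interface portproxy show all` are deliberately not flagged; only commands that create or change a service or forwarding rule are.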

Here is the extent of the attacks in various countries:

[Figure: Attacks]

Further details of these attacks and their objectives will be presented at the Security Analyst Summit, to be held on St. Maarten from 2 to 6 April, 2017.

 

 

 
