Common IT Tools are the Hacker's Favorites

LASER_oneXM

Warning Worms
The attacks of mid-2017 were a painful warning of what can happen when hackers sow their malware seeds on systems that have no way of controlling the longstanding risks inherent in protocols and tools like NTLM and DCE/RPC. The best way to do this is to limit the use of these authentication protocols to instances of verified need by adding MFA challenges and real-time monitoring and analysis capabilities.

In the aftermath of NotPetya, researchers found that after the initial infection, the attackers used a combination of Mimikatz, PsExec, and WMI to steal credentials and continue spreading from machine to machine, holding data ransom or outright destroying it.

Among the victims were major international corporations, some of which suffered millions in damages and spent months restoring operations. Even more alarming, sites hacked by NotPetya but not activated in July distributed yet more malware in October. This attack, called BadRabbit, was smaller but showed evidence of sophisticated planning and collaboration — fueling concerns that those responsible have more devious tricks in their arsenal.
 
