2/12/2024

Advanced IP Scanner

The legitimate tool Advanced IP Scanner, popular among network administrators, has emerged as a malware-infested version.

AdvancedIPSpyware: Backdoor version of the Advanced IP Scanner also spies on companies in Western Europe. Kaspersky experts have investigated the campaign.

Kaspersky experts have discovered a new spyware called AdvancedIPSpyware. This is a backdoor version of the legitimate Advanced IP Scanner tool used by network administrators to control local area networks (LANs). The AdvancedIPSpyware campaign has a wide victimology with affected companies in Western Europe, Latin America, Africa, South Asia, Australia and CIS countries. The total number of victims infected throughout the campaign is already around 80.

Software infected with malware: Advanced IP Scanner

Cyber criminals are increasingly inserting malicious code into legitimate software to hide their malicious activities. More rarely, the backdoor binary is actually signed, as is the case with AdvancedIPSpyware. The certificate used to sign the malware was most likely stolen previously. The malware was hosted on two websites whose domains are almost identical to the legitimate Advanced IP Scanner website, differing only by one letter; otherwise the pages look the same. The only difference is the "free download" button on the malicious websites.

AdvancedIPSpyware is modular. Typically, such a modular architecture is found in malware whose developers are state-sponsored actors. However, in this case the attacks were not targeted, suggesting that AdvancedIPSpyware is not related to politically motivated campaigns.

"Email is the most common infection method used by both cybercriminals and governments," comments Jornt van der Wiel, security researcher in Kaspersky's Global Research & Analysis Team (GReAT). "We looked at less common techniques used by cybercriminals – both are well known and have not been exposed to date. Namely, the AdvancedIPSpyware is characterized by its unusual architecture, the use of a legitimate tool and an almost identical copy of the legitimate website."

Recommendations for protection against AdvancedIPSpyware

- Do not make remote desktop services (such as RDP) available on public networks unless absolutely necessary.
- Use a separate secure password for each service.
- Install readily available patches for commercial VPN solutions that provide access for remote workers and act as gateways in the network.
- Keep software up-to-date on all devices to prevent vulnerabilities from being exploited.
- The defense strategy should be designed to detect lateral movement and data exfiltration to the internet.