Few terms in the security world instil more fear than Stuxnet. But seven years after the infamous computer worm that targeted Iran’s nuclear facilities was discovered, an ugly descendant of the software is showing up in banks and other organisations around the globe.
New research from Kaspersky claims that over 140 institutions—including banks, government organisations, and telecom companies—have been infected with invisible malware that hackers are using to suck money out of bank accounts. It’s unclear exactly which accounts, organisations, and companies were targeted, but the issue seems widespread. Kaspersky first discovered this type of attack in two years ago and dubbed it Duqu 2.0, a more advanced form of the Duqu malware that was linked to Stuxnet in 2011. As Dan Goodin explains at Ars Technica, the malware is now “going mainstream.”
The so-called fileless malware is unique in its ability to disappear after being installed on a server. Once the attacked computer is rebooted, the malware renames itself, leaving no detectable trace of its existence. It can take several months before sysadmins realise the machine has been infected. During that time period, hackers can steal freely from the coffers of the affected enterprise. Kaspersky says it’s detected the malware in over 40 countries. The security firm just published a report about the hidden malware, and will present more details in April.
For now, it looks like institutions have more to worry about than the average consumer. The scary new malware also follows a trend of sophisticated, undetectable cyberattacks like periscope skimming. This ultra bad technology started showing up inside cash machines across the US last year and lets hackers gobble up credit information without the consumer or the bank knowing, since the hardware is installed inside of the machine.
The takeaway here, then, is obviously to embrace our dark future where the safest place for your cash is inside of a shoebox buried under the kids’ swing set. That or move to New Zealand, where the new malware hasn’t yet showed up, and wait for the apocalypse. [Kaspersky via Ars Technica]