Public WiFi- A New Way to Spread Malware
Attackers are using unsecured Wi-Fi networks as a way to deliver the malware to more devices. A new malware, called Emotet has the capability to help spread their malware to more victims. This malware can also spread from one device to another by creating a botnet that helps deliver additional spam and emails. It spreads across an unsecured public Wi-Fi network by taking advantage of weak passwords and other security flaws.
The researchers have found that some versions of Emotet can be spread across an unsecured WiFi network by taking advantage of weak passwords and other security flaws. While these types of infections are rare, it's important to keep an eye on how the Trojan's creators are attempting new methods.
Some Emotet samples in campaigns leveraging WiFi that researchers examined in January contained a timestamp dated April 16, 2018, which suggests that the capability to spread the malware through poorly secured WiFi networks may have gone unnoticed until now. In these campaigns, once attackers infect a device with the Trojan, it starts to download what the researchers call a WiFi spreader module, which contains two binaries. One of these binaries, called worm.exe, begins to list all the WiFi-enabled devices that are connected with the infected device.
The binary also extracts a list of reachable wireless networks using the wlanAPI interface found in later versions of Microsoft Windows, according to the report. This interface helps manage WiFi connections and network profiles in some versions of Windows.
Once the list of all WiFi networks and devices is gathered, the binary then begins to use a brute force attack to guess the usernames and passwords of the wireless networks, looking for one it can crack. The Emotet malware has an internal list of passwords that it uses as part of this brute force attack.
It has been recommended by researchers that the IT and security teams should take the time to create stronger passwords for WiFi networks to ensure that these brute force attacks are less likely to be successful.
AMD intros Kria KR260 Robotics Starter Kit for Intelligent Factory of the future
AMD announced the Kria KR260 Robotics Starter Kit, the latest addition to the Kria portfol...
West Midlands Police deploys Exterro’s Cloud-based Digital Forensics Platform
The provider of Legal GRC software, Exterro Inc. announced that the West Midlands Police a...
Kyndryl and NetApp together to help customers transform business
Kyndryl and NetApp announced a global alliance to help customers transform their businesse...
Industry leaders layout the collaborative 5G Opportunities and capabilities for country’s digital transformation
Leading telecommunications experts and industry leaders connected and brainstormed ideas f...
VeeamON 2022 kicked off with insightful sessions on data protection
Veeam Software has kicked off its annual user conference, VeeamON 2022, delivering a rich,...
DoT, Rajasthan LSA conducts webinar on awareness for mobile tower myths and tower frauds
Department of Telecommunications (DoT), Jaipur License Service Area (LSA) organized an awa...
Microsoft Future Ready Industry week stresses on key trends driving digital transformation in the ITES sector
Microsoft’s Future Ready Industry week, ITES edition brought together industry lumin...