
Security

Operators of the unusual Tardigrade malware attacked bio-production plants


The malware can adapt to a new environment, disguise itself, and even operate autonomously when there is no connection to the C&C server.

Cybersecurity specialists from BioBright reported a cyberattack on a bio-product manufacturing facility that used unusual malware called Tardigrade.

As the experts found, Tardigrade has a lot of functionality and is not limited to simply blocking computers throughout the facility. The malware can adapt to a new environment, disguise itself, and even operate autonomously when disconnected from its C&C server. The complexity of the malware and other digital analysis data point to a well-funded and motivated APT group.

“This is by far the most sophisticated malware we’ve ever seen in this area. This is very similar to other attacks and campaigns by APT groups targeting other industries,” the experts noted.

Tardigrade bears some similarities to the popular Smoke Loader (also known as Dofoil) malware downloader, which has been used to distribute malware since at least 2011. Despite the similarities to Smoke Loader, Tardigrade seems to be more advanced and offers an extended set of configurations. The malware has the functionality of a Trojan and, after being installed on the victim’s network, searches for stored passwords, deploys a keylogger, starts stealing data, and installs a backdoor.

As the researchers noted, the malware behaves differently depending on the environment, so its signature is constantly changing and it is more difficult to detect. The experts tested the malware almost 100 times, and each time it built itself on the system in a different way and interacted in different ways.

Tardigrade can make decisions about how to act on the victim’s network, even if there is no connection with the operators. According to experts, Tardigrade is primarily intended to spread using phishing attacks, but it can also spread via infected USB drives or even autonomously move from one infected network to another.


Components

4 TB of security from Samsung. External SSD T7 Shield is now available in a new version for 420 euros


Samsung has decided to release a new version of its secure external SSD T7 Shield.


The device was introduced almost a year ago in 1 and 2 TB versions. Now, a 4 TB modification is entering the market.

In Europe, such an SSD costs 420 euros. For comparison, the prices for the lower-capacity versions are 135 and 220 euros.

Recall that the T7 Shield offers a good level of protection. There is protection against water and moisture (IP65), and protection against falls from a height of up to 3 meters. Since this is a solid-state drive, it is likely that it will survive a much more serious fall.

The device is equipped with a USB-C 3.2 Gen 2 interface and offers read and write speeds of 1050 and 1000 MB/s, respectively. The device weighs only about 100 g.


Security

ChatGPT can be used to write viruses and ransomware – this was confirmed by information security specialists


Online sources report that examples have appeared of the popular chatbot ChatGPT writing code for viruses. Network security company Check Point Research discovered this and said that the use of AI increases the danger posed by hackers. The first reports of viruses being successfully written with ChatGPT have already appeared on thematic forums.


One example was a program that, after refinement, can be turned into ransomware. It can encrypt data on the user’s PC and will demand payment for decryption. A more advanced version of the program provides for penetration into the target server, from where hackers gain access to all of the victim’s data.

In addition, the neural network can write phishing emails – this has already been checked by Check Point Research specialists themselves. The email also contained an Excel file with an embedded macro that was launched when the file was opened.

However, this is not all. Experts were able to get AI to create scripts for scanning network ports and other tools.

At the same time, Check Point Research believes that it is too early to say that ChatGPT has become a new tool for hackers, but the attacker community has already become interested in it. Note that the system was earlier shown to be able to pretend to be a Linux machine, as well as to write a number of programs and websites.


Security

“Germany has not taken seriously the security threat posed by China.” The country has increased dependence on Huawei


Despite the huge number of sanctions imposed by the US and other countries against Huawei, Germany has only increased its dependence on this Chinese company.


According to a recent Strand Consult report cited by Reuters, Germany has become even more dependent on Huawei to build 5G infrastructure than it was when building 4G networks. More specifically, Huawei accounts for 59% of all 5G network equipment in Germany, meaning base stations and related equipment. For comparison, in the case of 4G networks, Huawei’s share in Germany is 57%. Interestingly, Huawei’s share in this area is higher in Berlin than in Beijing, where the company faces serious competition from ZTE.

According to the report, there are signs that Germany has not taken seriously the security threat posed by China. At the same time, Huawei equipment is simply cheaper than comparable equipment from European players in this market, which is why a number of countries, including Germany, continue to purchase Huawei products.
