Cheap Malware Sold on Dark Web Used on Manufacturers
The latest Dark Web related crime spree making headlines this week came from the leaked data from Facebook, which admitted over 267 million users’ data had been leaked into the nefarious Internet underground. This data includes, IDs, phone numbers and names – a scenario scary enough to make you think twice about posting that video of your kid trying a lemon for the first time.
However, manufacturers may get spooked by a more menacing cyberthreat that has been traversing the Dark Web for some time and was discovered earlier this month.
Researchers at Proofpoint discovered a widely used remote access trojan (RAT) has been sold for less than $20. Tracking a medium-volume email campaign that used fake invoices as lures, NanoCore has been found on compromised systems, primarily targeting German manufacturers during a month-long campaign in October.
NanoCore is a fairly dated RAT with some potent capabilities. Over its six-year history, it has been available for even less than $20, oftentimes even free. It is designed to infect Windows-based systems, but needs a trigger point for its installation. That trigger point can be a phishing attack, but this instance appeared to focus on manufacturing companies and included phishing attempts in multiple emails.
Although this campaign was not exclusively focused on manufacturing, the researchers found the industry was the preferred one by far. Manufacturing has complex supply chains and frequently sprawling network infrastructure, which makes it an attractive and potentially lucrative industry at risk of infection and exploitation via NanoCore and other malware.
Also helping NanoCore’s cause is that manufacturing companies tend to have computing and control systems with long lifespans. These systems are either intended to be remotely managed and may lack comprehensive plant level IT or cybersecurity expertise.
The malware’s low cost and ease of use has given it a long shelf life in the market. It gives an attacker a great deal of control and an ongoing presence on a network after a successful attack.
Cybercriminals can hide from you, but they can’t hide from 2W Tech. 2W Tech is a full-service IT Consulting firm that specializes in the manufacturing industry and has IT Consultants on staff that are experts in security solutions. Give us a call today to learn more about making sure your business and employees are protected from the dangers and hackers lurking in the Dark Web.