Comodo Threat Research Lab uncovers new trick used by hackers to attack enterprises  

In the ever-evolving world of cybersecurity, staying one step ahead of cybercriminals is of paramount importance. This month, the Comodo Threat Research Lab made a significant discovery that has the potential to reshape how enterprises view their email security.

A New Wave of Phishing Attacks

A different type of phishing email attack targeting enterprises using SWIFT monetary messaging services was discovered this month by Comodo Threat Research Lab. For those unfamiliar, SWIFT (Society for Worldwide Interbank Financial Telecommunication) messaging services are employed by approximately 11,000 banking, business clients, and safety organizations.

However, what’s alarming is the new method cybercriminals are employing. They are now targeting enterprises by sending phishing emails and planting malware directly in their inboxes.

These emails come with attachments, and the attackers cunningly direct the recipient to open the attachment to retrieve information about the amount that has been transferred to their chosen account.

But here’s the catch: the attachment is not what it seems. Instead of providing transaction details, it contains malware (Trojan.JAVA.AdwindRAT), which, once opened, infiltrates the user’s system.

The malware also drops malicious files to establish a connection with a domain in a covertly encrypted network.

The Malware's Capabilities

Comodo has issued a stern warning regarding this malware’s capabilities. Not only can it disable the Windows restore option and the User Account Control, but it also functions as a cyber spy. This allows attackers to monitor the system and access detailed information about the enterprise network and its endpoints.

Once the attackers have this wealth of information, they can introduce additional malware into the system, aiming to steal some of the organization’s most confidential data.

The Psychology Behind the Attack

Comodo posits an interesting theory behind the hackers’ choice of using SWIFT systems. It’s all about human psychology. The excitement and arousal associated with money, especially concerning bank account transactions, make individuals more susceptible. By leveraging this, hackers are essentially hiding in plain sight, counting on human emotions to drive their malicious agenda.

Protection Against Such Attacks

For those seeking to fortify their defenses against such sophisticated attacks, Ideastack offers a VPS server with comprehensive protection for all system servers. Ensuring your systems are equipped with the latest security measures is the first step in safeguarding your enterprise’s valuable data.

Conclusion

In the digital age, the threat landscape is constantly shifting. With hackers employing ever more sophisticated methods, enterprises must stay informed and proactive. Thanks to institutions like Comodo Threat Research Lab, we can gain insights into these threats and take the necessary precautions. Remember, in cybersecurity, knowledge is the best defense.

Frequently Asked Questions

Q1. What is the new phishing attack discovered by Comodo?

Comodo has discovered a phishing email attack targeting enterprises using SWIFT monetary messaging services. The attackers send emails with malicious attachments, misleading recipients into opening them, which then releases malware into their systems.

Q2. How does the Trojan.JAVA.AdwindRAT malware function?

Once inside a system, the malware can evolve, enter the registry, spawn processes, and even attempt to disable antivirus and anti-adware processes. It also drops malicious files to connect with a covertly encrypted domain.

Q3. How can enterprises protect themselves from such attacks?

Enterprises can consider solutions like Ideastack’s VPS server, which offers comprehensive protection for all system servers. Regular updates, employee training, and staying informed about the latest threats are also crucial.
