A new cryptocurrency miner, dubbed PowerGhost, is targeting corporate networks in India and several other regions in the world, according to new research from Russia-based cybersecurity company Kaspersky Lab.
PowerGhost uses multiple fileless techniques to discreetly gain a foothold in corporate networks, meaning that the miner does not store its body directly onto a disk, increasing the complexity of its detection and remediation, showed the study published in Securelist, the online headquarters of Kaspersky Lab security experts.
The main victims of this attack so far have been corporate users in India, Brazil, Colombia and Turkey, it added. Cryptocurrency mining software creates new coins by using the computing power of a victim PC and mobile devices. The threat from cryptocurrency mining software has sky-rocketed in recent times, replacing ransomware as the main type of malicious software, as previous Kaspersky Lab research had shown.
As this trend grows, enterprises will be put at risk, as miners sabotage and slow down their computer networks, damaging overall business processes and lining their own pockets in the process. However, the emergence of PowerGhost adds a new dimension to the trend. It demonstrates that malicious miner developers are shifting to targeted attacks to make more money. PowerGhost is distributed within corporate networks, infecting both workstations and servers, the study said.