It seems that the data security landscape is constantly changing. Every day, new threats arise and fresh best practices emerge to keep companies at the forefront of protecting sensitive information. PKWARE’s staff of experts in data security share their thoughts in our blog, highlighting the most current topics on data security, management, and reduction. Check back frequently and join the conversation.

Stealthy Malware Discovered on Multiple Servers

Posted by on in Data Security

The ongoing battle between data security professionals and cybercriminals has often been described as an arms race. The two opposing forces at times appear to be stuck in a perpetual cycle of developing new tools to address advancements made by their adversaries. As much as governments and security firms are devoting resources to bolstering their network defenses, cybercriminals are expending just as much effort finding ways to bypass those developments. The ideal weapon for data thieves is malware that can operate on a system for a long stretch of time while avoiding detection.

Security experts recently discovered a strain of malware that demonstrates a high degree of stealthy behavior. Techworld reported that researchers from two cybersecurity firms identified a backdoor program known as the Linux/Cdorked.A module on multiple servers. The firms' engineers estimated that the malware currently affects hundreds of servers and the thousands of websites they host.

Malware demonstrates stealth capabilities
The main function of the Linux/Cdorked.A module appears to be redirecting requests to the Blackhole Exploit Kit, exposing visitors to malicious payloads. What makes this malware strain unique is its ability to avoid detection. The backdoor writes only its modified binary to a server's hard drive. In addition, the memory used to store its configuration is small and is shared with legitimate processes. Because the configuration is delivered over HTTP requests that do not appear in normal logs, server administrators have had trouble identifying traces of its command and control.

Furthermore, the backdoor has processes built in that allow it to sense when a network administrator is the source of a request. In these instances, the malware will not redirect the user, denying administrators the opportunity to observe the infection.
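The two behaviours just described point to two defender-side checks: since the modified server binary is the only artifact written to disk, its hash can be compared against a trusted baseline, and since the redirect is withheld from requests that look administrative, responses should be sampled from an ordinary client's vantage point and checked for off-site redirects. The following is an added example, not code from the article or the firms it cites; the site hosts, sample responses and hash values are constructed for the demonstration, and the binary path and baseline hash are assumed to come from your own package manifest.

```python
import hashlib
from urllib.parse import urlparse

# Constructed sample data (not from the article): hosts, responses and hashes are made up.
SITE_HOSTS = {"www.example.com", "example.com"}
SAMPLE_RESPONSES = [
    # (status, headers) as an ordinary browser, not an administrator, would receive them
    (200, {"Content-Type": "text/html"}),
    (302, {"Location": "/login"}),                          # relative: stays on-site
    (301, {"Location": "https://www.example.com/new"}),     # on-site host
    (302, {"Location": "http://203.0.113.7/in.php?x=1"}),   # off-site: worth a look
]

REDIRECT_CODES = {301, 302, 303, 307, 308}


def sha256_bytes(data):
    return hashlib.sha256(data).hexdigest()


def sha256_file(path):
    # Hash in chunks so a large server binary need not fit in memory at once.
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def binary_matches_baseline(path, expected_sha256):
    # The on-disk binary is the one file artifact, so compare it with a hash
    # recorded by a trusted source (e.g. the distribution's package manifest).
    return sha256_file(path) == expected_sha256.lower()


def offsite_redirect(status, headers, site_hosts=SITE_HOSTS):
    # Return the off-site host a redirect points to, or None if the response
    # is not a redirect or stays within the site's own hosts.
    if status not in REDIRECT_CODES:
        return None
    location = next((v for k, v in headers.items() if k.lower() == "location"), "")
    host = urlparse(location).hostname
    if host is None:  # relative redirect, same site
        return None
    return None if host.lower() in site_hosts else host


def flag_responses(responses, site_hosts=SITE_HOSTS):
    # Collect every off-site redirect target seen in a batch of sampled responses.
    return [t for t in (offsite_redirect(s, h, site_hosts) for s, h in responses) if t]
```

A mismatch from binary_matches_baseline or a non-empty list from flag_responses is a lead to investigate, not proof of this particular backdoor.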

Network liabilities present the need for encryption
With the emergence of stealthy malware programs that can successfully avoid detection by human operators and network defenses, enterprises need to shore up the other end of their data security solutions. If preventing intrusions is becoming a difficult and sometimes Sisyphean endeavor, businesses can take steps to protect their at-rest and in-transit data with encryption. Using data encryption software solutions, businesses and individuals alike can secure their sensitive information by preventing hackers from accessing files. Cybercriminals may be becoming adept at eluding network defenses, but cracking encryption protocols remains a difficult prospect.

Comments

  • carlos correz Wednesday, 29 May 2013

    This is a terrifying article. Clearly, everyday internet users need to be made aware of these risks; and how to secure their data.
