Researchers have uncovered a cryptojacking campaign that looks to spread across infected networks, targeting business PCs and servers.
Bob Noel, Director of Marketing and Strategic Partnerships at Plixer:
“When PowerGhost makes its way onto a corporate network, the business is being robbed of key resources. This negatively impacts productivity, profitability and customer satisfaction. There are many ways that organizations can both protect themselves and identify if PowerGhost has made its way into their environment. First, any organization that has not applied the patch for Eternal, should prioritize doing so. This vulnerability has been known since early 2017, and there are many instances of bad actors using it for their nefarious efforts. In addition, organizations should be leveraging a network traffic analysis platform to monitor for any peer to peer network traffic using port 445 as this is an indication of the SMBv1 vulnerability.”