New Pastebin-like service used in multiple malware campaigns – Expert comments

Research from Juniper Threat Labs, "New Pastebin-like service used in multiple malware campaigns", identified several malware campaigns that rely on a Pastebin-like service (paste.nrecom.net) for their infection chain. Attacks start as a phishing email and, when successful, download the next stage of the malware from paste.nrecom.net and load it into memory without writing to disk. The threat actors use two techniques that make it harder for organizations to defend against their attacks: a) encryption to download the malicious payload, since many organizations either do not have the means to decrypt traffic to inspect its content or cannot do so because of regulation; and b) common online services to hide malicious traffic, because organizations cannot block access to these services outright.
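Because the payload download is encrypted, hunting has to fall back on metadata such as DNS queries. The following is an added example, not code from Juniper Threat Labs or from this page: it scans DNS query logs for paste.nrecom.net and reports which internal hosts looked it up. The log format, the sample lines and the function names are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Domain named in the article. Watched for review rather than blocked outright.
WATCHED = {"paste.nrecom.net"}

# Constructed sample DNS query log (timestamp, client IP, query name, type).
# The format is an assumption; adapt the regex to your resolver's log layout.
SAMPLE_LOG = """\
2020-10-06T09:14:02Z 10.0.4.17 www.example.com. A
2020-10-06T09:14:05Z 10.0.4.17 Paste.Nrecom.Net. A
2020-10-06T09:15:40Z 10.0.7.33 paste.nrecom.net A
2020-10-06T09:15:41Z 10.0.7.33 notpaste.nrecom.net.example.org A
2020-10-06T09:16:10Z 10.0.4.17 paste.nrecom.net. AAAA
malformed line
"""

LINE = re.compile(r"^(\S+)\s+(\S+)\s+(\S+)\s+(\S+)$")


def normalize(qname):
    """Lower-case the name and drop the trailing root dot."""
    return qname.rstrip(".").lower()


def is_watched(qname, watched=WATCHED):
    """Match the watched domain or any subdomain, never a mere substring."""
    name = normalize(qname)
    return any(name == d or name.endswith("." + d) for d in watched)


def hunt(log_text, watched=WATCHED):
    """Return {client_ip: [(timestamp, qname), ...]} for watched lookups."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue  # skip lines that do not fit the assumed format
        ts, client, qname, _qtype = m.groups()
        if is_watched(qname, watched):
            hits[client].append((ts, normalize(qname)))
    return dict(hits)


if __name__ == "__main__":
    for client, events in sorted(hunt(SAMPLE_LOG).items()):
        print(client, len(events), "lookup(s), first seen", events[0][0])
```

A hit identifies a host to triage, for example by checking whether the lookup followed the opening of an email attachment; it is not proof of infection on its own.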

Expert Comments

October 06, 2020
Saryu Nayyar
CEO
Gurucul
Malicious actors have been evolving rapidly, adopting commercial tools and business models to their own ends, and the recent research from Juniper Threat Labs shows exactly that. By leveraging legitimate web services, attackers make it more difficult to balance business needs with their own security. As malicious actors become more sophisticated, organizations are forced to up their own game, improving their processes, tools, and user education, to make it harder for the attackers to get in and reach their targets. For example, tools like multi-factor authentication can thwart account compromise, while advanced behavioral analytics can identify and stop attacks that breach the perimeter.
