Researchers have published an update on a new variant of the password-stealing Ursnif banking trojan that employs “fileless persistence which makes it difficult for traditional anti-virus techniques to filter out the C2 traffic from normal traffic.” In response, an expert with Virsec offers perspective.
New malware campaigns spotted in the wild, using malicious Microsoft Office docs to infect PCs with GandCrab #ransomware and Ursnif info-stealer #Malware https://t.co/YpE8HGv1vQ pic.twitter.com/O6iScIQ18G
— Science and Tech Therapy (@snttherapy) January 26, 2019
Expert Comments below:
Ray DeMeo, Co-Founder and COO at Virsec:
“This is just the latest example of how anti-virus and signature-based security tools are easily bypassed by creative hackers. There are hundreds of sophisticated hacker tools readily available that can be morphed into endless numbers of new-looking attacks with new signatures that aren’t recognized. We need to assume these threats will continue to get through and focus on stopping what the attackers are trying to achieve – corrupting applications, stealing valuable data or causing business disruption. We need to move beyond endless threat chasing to definitively protect the crown jewels – critical applications and infrastructure.”