40,000 machines at more than 9,000 organizations have been infected with a traffic manipulation and cryptocurrency mining campaign known as Prowli, which is siphoning off power from devices to acquire cryptocurrency according to researchers at Guardicore Labs. Alex Calic, Chief Strategy and Revenue Officer at The Media Trust commented below.
Alex Calic, Chief Strategy and Revenue Officer at The Media Trust:
“The campaign was likely made possible through an attack on a digital third party with weaker security measures, which we see more often than brute force attacks. The hackers utilized code that invokes calls to a compromised command and control server and spread it through ads to the compromised sites. Companies need to do three things to prevent these breaches: first, collaborate with their digital vendors and partners on improving the security of their digital ecosystem; second, continuously scan their digital assets in real time for any new or unauthorized activities; and finally, enforce password rules that require lengthier–rather than more complex—passwords of 15 -20 characters, which take longer for hackers to figure out.”