Security expert Ben Johnson from Carbon Black commented below on the reports about Furtim – a new strain of ‘paranoid’ malware that is taking extreme pains to avoid detection – least of which being to scan its intended target for any traces of 400 different security solutions before it sticks its head over the parapet – then doing a runner if even one of them is present.
Ben Johnson, Chief Security Strategist, Carbon Black:
“Furtim is pretty well aligned with the broader trend that we’re seeing at the moment: hackers are becoming far more akin to secret agents than bank robbers, building malware that can sneak under the radar in order to increase the ultimate payoff. The extreme measures that Furtim goes to in order to remain undetected show just how far this new generation of hackers is willing to go. Not only is it programmed to steer clear of any targets that might put up a fight, Furtim is going to great lengths to cover its tracks by taking control of a variety of mechanisms within the endpoint devices that it lands on.
“This is precisely why it’s so vital that organisations have continuous monitoring running on all endpoint devices, as that’s the only sure-fire way to capture the entire ‘kill chain’ of a successful attack so it can be traced back to where it came in and shut out completely. It’s also another reminder of why we need to get out there and start proactively threat hunting, so we can identify any similar breeds of sneaky malware sitting on our systems undetected.”
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.