Kaspersky Labs reported late last week that an updated version of the Rakhni malware strain can act as either ransomware or a cryptominer. A Corero expert offers perspective in response.
Sean Newman, Director Product Management at Corero Network Security:
“We’re often remarking on the typical hackers’ penchant for taking the easy option, where possible, which often includes reuse of old techniques and, in this case, old malware code. The resurgence of the Rakhni malware with an updated ability to choose between ransomware and crypto-mining is a sign of the times, as we are now seeing a huge increase in crypto-jacking as the method of choice for cybercriminal revenue generation. However, with such complexity and now flexibility in the design of this particular malware, we shouldn’t be surprised if it gains other tools in its armoury, such as the ability to create a DDoS-for-hire botnet, as another revenue generator for the cyber community. In this case, your endpoint security won’t help you, as it’s other, less well secured, endpoints that’ll be creating the problem. And, in this case, if your organization relies upon its Internet availability, the only way to preserve that is to deploy the latest real-time, automatic DDoS protection solutions.”