
ZDNET

Go malware is now common, having been adopted by both APTs and e-crime groups

There’s been a 2,000% increase of new malware written in Go over the past few years.


The number of malware strains coded in the Go programming language has seen a sharp increase of around 2,000% since 2017, cybersecurity firm Intezer said in a report published this week.

The company’s findings highlight and confirm a general trend in the malware ecosystem, where malware authors have slowly moved away from C and C++ to Go, a programming language developed and launched by Google in 2007.

Intezer: Go malware, now a daily occurrence

While the first Go-based malware was detected in 2012, it took a few years for Golang to catch on with the malware scene.

“Before 2019, spotting malware written in Go was more a rare occurrence and during 2019 it became a daily occurrence,” Intezer said in its report.

But today, Golang (as it’s often also referred to instead of Go) has broken through and has been widely adopted.

It is used by nation-state hacking groups (also known as APTs), cybercrime operators, and even security teams, who often use it to create penetration-testing toolkits.

There are three main reasons why Golang has seen this sudden sharp rise in popularity. The first is that Go supports an easy process for cross-platform compilation. This allows malware developers to write code once and compile binaries for Windows, Mac, and Linux from the same codebase, a versatility that they don’t usually have with many other programming languages.

The second reason is that Go-based binaries are still hard to analyze and reverse engineer by security researchers, which has kept detection rates for Go-based malware very low.

The third reason is related to Go’s support for working with network packets and requests. Intezer explains:

“Go has a very well-written networking stack that is easy to work with. Go has become one of the programming languages for the cloud with many cloud-native applications written in it. For example, Docker, Kubernetes, InfluxDB, Traefik, Terraform, CockroachDB, Prometheus and Consul are all written in Go. This makes sense given that one of the reasons behind the creation of Go was to invent a better language that could be used to replace the internal C++ network services used by Google.”

Since malware strains usually tamper, assemble, or send/receive network packets all the time, Go provides malware devs with all the tools they need in one place, and it’s easy to see why many malware coders are abandoning C and C++ for it. These three reasons are why we saw more Golang malware in 2020 than ever before.

“Many of these malware [families] are botnets targeting Linux and IoT devices to either install crypto miners or enroll the infected machine into DDoS botnets. Also, ransomware has been written in Go and appears to become more common,” Intezer said.

Examples of some of the biggest and most prevalent Go-based threats seen in 2020 include the likes of (per category):

Nation-state APT malware:

  • Zebrocy – Russian state-sponsored group APT28 created a Go-based version of their Zebrocy malware last year.
  • WellMess – Russian state-sponsored group APT29 deployed new upgraded versions of their Go-based WellMess malware last year.
  • Godlike12 – A Chinese state-sponsored group deployed Go-based backdoors for attacks on the Tibetan community last year.
  • Go Loader – The China-linked Mustang Panda APT deployed a new Go-based loader last year for their attacks.

E-crime malware:

  • GOSH – The infamous Carbanak group deployed a new RAT named GOSH written in Go last August.
  • Glupteba – New versions of the Glupteba loader were seen in 2020, more advanced than ever.
  • A new RAT targeting Linux servers running Oracle WebLogic was seen by Bitdefender.
  • CryptoStealer.Go – New and improved versions of the CryptoStealer.Go malware were seen in 2020. This malware targets cryptocurrency wallets and browser passwords.
  • Also, during 2020, a clipboard stealer written in Go was found.

New ransomware strains written in Go:

Naturally, in light of its recent discoveries, Intezer, along with others, expects Golang usage to continue to rise in the coming years and join C, C++, and Python as a preferred programming language for coding malware going forward.


Source: https://www.zdnet.com/article/go-malware-is-now-common-having-been-adopted-by-both-apts-and-e-crime-groups/


Crackonosh malware abuses Windows Safe mode to quietly mine for cryptocurrency

The malware is thought to have generated millions of dollars in just a few short years.


Researchers have discovered a strain of cryptocurrency-mining malware that abuses Windows Safe mode during attacks.

The malware, dubbed Crackonosh by researchers at Avast, spreads through pirated and cracked software, often found through torrents, forums, and “warez” websites.

After finding reports on Reddit of Avast antivirus users querying the sudden loss of the antivirus software from their system files, the team conducted an investigation into the situation, realizing it was due to a malware infection.

Crackonosh has been in circulation since at least June 2018. Once a victim executes a file they believe to be a cracked version of legitimate software, the malware is also deployed.

The infection chain begins with the drop of an installer and a script that modifies the Windows registry to allow the main malware executable to run in Safe mode. The infected system is set to boot in Safe Mode on its next startup.

“While the Windows system is in safe mode antivirus software doesn’t work,” the researchers say. “This can enable the malicious Serviceinstaller.exe to easily disable and delete Windows Defender. It also uses WQL to query all antivirus software installed SELECT * FROM AntiVirusProduct.”

Crackonosh will scan for the existence of antivirus programs (including Avast, Kaspersky, McAfee’s scanner, Norton, and Bitdefender) and will attempt to disable or delete them. System log files are then wiped to cover its tracks.

In addition, Crackonosh will attempt to stop Windows Update and will replace Windows Security with a fake green tick tray icon.

The final step of the journey is the deployment of XMRig, a cryptocurrency miner that leverages system power and resources to mine the Monero (XMR) cryptocurrency.
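A defender-side hunt for the Safe Mode stage of this chain, as an added example that is not taken from the article or from Avast's research: it classifies endpoint events into the stages described above and raises severity when a new SafeBoot registration and a forced Safe Mode boot land on the same host within a window. The event schema, host names, `ExampleSvc`, `BaselineAgent` and the use of `bcdedit` to force the boot are assumptions; the article does not say how the boot mode is changed.

```python
import re
from datetime import datetime, timedelta

# Stage 1: a new entry under the SafeBoot key lets a service or driver load in Safe Mode.
SAFEBOOT_KEY = re.compile(r"\\Control\\SafeBoot\\(Minimal|Network)\\([^\\]+)", re.I)
# Stage 2 (assumption): the next boot is forced into Safe Mode with bcdedit.
BCDEDIT_SAFEBOOT = re.compile(r"\bbcdedit(\.exe)?\b.*\bsafeboot\b", re.I)
# Stage 3: the WQL antivirus inventory query quoted in the article.
AV_INVENTORY = re.compile(r"\bFROM\s+AntiVirusProduct\b", re.I)
WEIGHTS = {"safeboot_registration": 3, "forced_safe_boot": 3, "av_inventory": 1}

# Constructed, normalized telemetry; hosts, field names and entry names are made up.
SAMPLE_EVENTS = [
    {"host": "ws-014", "ts": "2021-06-24T10:02:11", "type": "registry_set",
     "target": r"HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\ExampleSvc\(Default)"},
    {"host": "ws-014", "ts": "2021-06-24T10:02:15", "type": "wmi_query",
     "query": "SELECT * FROM AntiVirusProduct"},
    {"host": "ws-014", "ts": "2021-06-24T10:02:20", "type": "process_create",
     "cmdline": "bcdedit.exe /set {default} safeboot minimal"},
    {"host": "ws-020", "ts": "2021-06-24T11:00:00", "type": "wmi_query",
     "query": "select displayName from AntiVirusProduct"},
    {"host": "ws-031", "ts": "2021-06-24T12:00:00", "type": "process_create",
     "cmdline": "bcdedit /deletevalue {current} safeboot"},
    {"host": "ws-044", "ts": "2021-06-24T13:00:00", "type": "registry_set",
     "target": r"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\BaselineAgent\(Default)"},
]

def classify(event, allowed):
    """Return the chain stage an event matches, or None. `allowed` holds lowercase
    SafeBoot entry names that are expected in this environment."""
    kind = event["type"]
    if kind == "registry_set":
        m = SAFEBOOT_KEY.search(event.get("target", ""))
        if m and m.group(2).lower() not in allowed:
            return "safeboot_registration"
    elif kind == "process_create":
        cmd = event.get("cmdline", "")
        # "deletevalue ... safeboot" restores a normal boot, so it is not a hit.
        if BCDEDIT_SAFEBOOT.search(cmd) and "deletevalue" not in cmd.lower():
            return "forced_safe_boot"
    elif kind == "wmi_query" and AV_INVENTORY.search(event.get("query", "")):
        return "av_inventory"
    return None

def detect(events, baseline=frozenset(), window=timedelta(hours=24)):
    """Group matched stages per host and score the best-scoring time window."""
    allowed = {name.lower() for name in baseline}
    hits = {}
    for ev in sorted(events, key=lambda e: e["ts"]):
        stage = classify(ev, allowed)
        if stage:
            hits.setdefault(ev["host"], []).append((datetime.fromisoformat(ev["ts"]), stage))
    findings = {}
    for host, seq in hits.items():
        best = set()
        for i, (start, _) in enumerate(seq):
            stages = {s for t, s in seq[i:] if t - start <= window}
            if sum(WEIGHTS[s] for s in stages) > sum(WEIGHTS[s] for s in best):
                best = stages
        # Registration plus forced Safe Mode boot is the combination the article describes.
        chain = {"safeboot_registration", "forced_safe_boot"} <= best
        findings[host] = {"stages": sorted(best), "score": sum(WEIGHTS[s] for s in best),
                          "severity": "high" if chain else "low"}
    return findings

if __name__ == "__main__":
    for host, finding in detect(SAMPLE_EVENTS, baseline={"BaselineAgent"}).items():
        print(host, finding)
```

The antivirus inventory query is weighted low on its own because legitimate management agents issue it too; the SafeBoot registration paired with a forced Safe Mode boot is what drives the high severity.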

Overall, Avast says that Crackonosh has generated at least $2 million for its operators in Monero at today’s prices, with over 9000 XMR coins having been mined.

Approximately 1,000 devices are being hit each day and over 222,000 machines have been infected worldwide.

In total, 30 variants of the malware have been identified, with the latest version being released in November 2020.

“As long as people continue to download cracked software, attacks like these will continue and continue to be profitable for attackers,” Avast says. “The key take-away from this is that you really can’t get something for nothing and when you try to steal software, odds are someone is trying to steal from you.”


Source: https://www.zdnet.com/article/crackonosh-malware-abuses-windows-safe-mode-to-quietly-mine-for-cryptocurrency/


South Australia splashes out on space, defence, and cybersecurity in 2021-22 Budget

The South Australian government believes tech-focused sectors such as defence, space, and cybersecurity will have a key role to play in the state’s future.


In taking a forward-looking approach into what the future of South Australia will look like, the South Australian government has announced it will bolster investment in tech-focused sectors such as defence, space, and cybersecurity as it hands down the 2021-22 Budget [PDF].

“This Budget is our blueprint for a stronger South Australia, creating jobs, building what matters and delivering better services to further secure our growing global reputation as one of the safest and most attractive places in the world to live, work, and raise a family,” Treasurer Rob Lucas said on Tuesday.

Some of the specific funding announcements include AU$20.8 million to upgrade the existing buildings at Lot Fourteen to make way for the expansion of space, digital, hi-tech, and cyber companies, with a particular focus on companies involved in small satellite development.

Separately, AU$6.6 million will be contributed over five years to assist with the SASAT1 Space Services Mission, which will see a local manufacturer launch a small satellite in mid-2022 as well as deliver space-derived services to the state.

South Australia’s Defence and Space Landing Pad program has also received a boost, with the state government saying it will deliver AU$860,000 over three years for the program that is used to support international defence and space companies that bring new, sought-after capability to South Australia.

Local artificial intelligence and health technology companies are set to receive additional support through a AU$1.6 million allocation delivered over four years. Under this investment, AU$985,000 will be used for grants to support AI and health technology companies through matching co-funding for health application pilots, and $589,000 to deliver project support activities, including investment concierge services.

Meanwhile, AU$2.6 million will be earmarked to support small businesses developing digital and cyber security capabilities as well as other capabilities to enter the national market.

The Budget papers also indicated AU$21.1 million over three years will be dedicated towards the implementation of stages three and four of the South Australia Police Shield project, which involves linking South Australia Police’s data and records management system directly with other justice sector agencies. The state government touted that the move will improve collaboration and data sharing capabilities.

In a bid to boost bushfire response, the 2021-22 Budget revealed that it will contribute AU$7.7 million over four years towards the ongoing management, support, and maintenance of automatic vehicle location systems (AVL) used by the emergency services sector. AVL provides real time location information of firefighting and other emergency response vehicles during incidents. AVL is expected to be installed in approximately 1,400 vehicles at a total cost of AU$12.7 million.

Additionally, the 2021-22 Budget indicated support for the state government’s commitment to improving digital services for citizens remains ongoing through its AU$120 million Digital Restart Fund, noting that AU$4.3 million in 2021-22 will be put towards the South Australian government’s online services portal, AU$5.5 million over two years for the expansion of the residential aged care enterprise system, AU$1.3 million over two years for the child and family services information systems, and AU$500,000 in 2021-22 for the Safeguarding smartphone app.


Source: https://www.zdnet.com/article/south-australia-splashes-out-on-space-defence-and-cybersecurity-in-2021-22-budget/


How to build business credit

Business credit is vital for businesses that need to borrow money to grow. Building business credit is not impossible; it just takes time and dedication.


The face of business continues to change. Even before the pandemic of 2020 hit, business market trends suggested that the growth of e-commerce would continue to be the big wave of the future. Businesses are learning to adapt to changes in the digital marketplace and stay ahead of changes by adopting the innovations of e-commerce.

As consumer spending continues to rise, businesses will have to invest to compete. This will require working capital and cash flow to purchase the software and technologies needed to survive in the digital economy.

For those businesses without large amounts of working capital or wealthy investors — like many small businesses and startups — it has brought up the idea of building business credit.

Below, ZDNet has all the information you need on how to build business credit.

What is business credit?

At some point, entrepreneurs and business owners consider borrowing money. Many have not accumulated enough capital and cash to hit the ground running right out the gate when starting a business.

Business credit allows a business owner or company to borrow money to build their business, pay for the necessary purchases, or expand their business. Of course, they must pay this money back with interest.

Some businesses do get to the point where they can maintain their working operations off of profits, but most require constant cash flow — good business credit affords this.

However, it isn’t as simple as walking into a bank and getting large amounts of cash. Businesses must first work hard to build business credit to qualify for needed loans. It takes patience and the right knowledge to build business credit the right way.

How to build business credit the right way?

Most people are familiar with building credit for personal use — applying for loans, purchasing homes or vehicles, or getting credit cards — building business credit is not much different in principle.

How to choose a business structure?

Unless you plan on being a sole proprietor, you must first establish your business as an entity separate from yourself. Not doing so leaves you open to assuming personal liability if legal issues were ever to arise.

In addition, separating yourself from your business also brings advantages at tax time. The most common business entities are limited liability companies (LLC) and corporations.

How to register your business?

Once the proper business structure is chosen, you need to register your business and apply for a federal tax ID from the IRS — known as an EIN. Without an EIN, you will be unable to open business bank accounts or apply for business lines of credit.

How to establish a business credit profile?

Once your business entity is filed and registered, you can begin the task of building your business credit. To establish a trusted financial reputation among lenders, you will need to have a working business credit file.

Every lender will check your credit profile when you apply for a loan or line of credit. The lender must establish trust with the borrower, making sure money borrowed will be repaid. This is referred to as “creditworthiness.”

One way you can begin to develop this trust is by opening a business bank account.

Begin building business credit

There are numerous business bank accounts for traditional banking and online banking. You must find one that suits your business needs.

Consider these when choosing a business bank account:

  • Is it trusted and secure? Make sure you establish a bank account with a trusted bank, one that is registered and insured by the FDIC. As time goes on, you will also want to ensure your bank is an equal opportunity lender in good standing; all reputable banks are.

  • Explore the services and management tools. Chances are you will want to apply for a business credit card; if so, what are the APR rates? What type of management tools do they offer for business accounts?

  • Check the investment rates and maintenance fees. If you’re looking to earn interest on your money, what are their APY rates? What are the required minimum balances to take advantage of those rates? Most banks have monthly maintenance fees, another factor to consider.

  • How are the help and support? New business owners will profit from a bank with professional help centers and financial advisors on-site or within reach. If you’re always on the go, does the bank have an app for mobile banking?

Get a business credit card

Another way to help establish your business credit profile and build your business credit is by getting a business credit card. Business credit cards allow business owners to pay for necessary expenses without massive amounts of cash flow while also helping to build a business credit history.

Most come with higher credit limits and bonus rewards that you won’t find with personal credit cards.

Here are a few advantages:

  • More spending for business tools: Business owners, especially startups, can use higher credit limits to invest in the necessary software and business tools they may need. Business credit cards allow you to build business credit as you boost cash flow.

  • Protection on purchases: As opposed to cash-only purchasing methods, business credit cards often come with protection on purchases — if lost, stolen, or damaged.

  • Rewards and cashback: Many credit card companies offer rewards for spending, e.g. points or miles to travel. Some offer cashback bonuses after meeting certain spending thresholds.

  • Building business credit history: Perhaps the most significant advantage for our purposes is the ability to build a business credit history. It is essential to make your credit card payments on time or early to establish a trusted credit history. This will boost your business credit profile and score with credit bureaus.

Explore other forms of business credit

In addition to business credit cards, there are other ways to establish and build business credit. These include different forms such as supplier credit, vendor credits, and service or retail credits.

  • Supplier credit: Supplier credits are a great way to establish a reputation of trust with your business. Most businesses need a steady stream of supplies and inventory to maintain operation. Supplier credit is an agreement between you and a supplier allowing you to defer payment for supplies. This helps conserve working cash flow and allows you to build credit as you make your payments.

  • Vendor credit: Like supplier credits, vendor credits allow you to purchase services (or products) from vendors with short-term financing. These payments can be made with a business credit card, allowing you additional time until profits roll in. Again, making payments before or on time is critical.

  • Service credit: Service credits are usually the simplest form of building credit outside of business credit cards. Services providers — internet, phone, TV, or other utility services — allow business owners to build credit as they make service payments.

  • Retail credit: Business owners can also establish relationships with their preferred retailers; most offer store credit cards for businesses. This is yet another avenue to build credit as payments are made.

  • Pay early (or at least on time): Again, it is important to pay these entities on time, but preferably early. It is equally important that these entities report payments to credit bureaus. This will ensure that your business credit profile gets a boost.

Keep building and monitoring your business credit

Once your business credit profile is established, and in good standing, you will have a better opportunity to branch out into other forms of lending — lines of credit and business loans.

Again, it is vitally important that these lenders report to credit bureaus so that your business credit profile and history continue to rise.

It is also essential to monitor your business credit profile to ensure your record is up to date and free of errors. Unfortunately, fraudulent activity happens, and if you are not watching your credit profile regularly, this can have a detrimental impact on your business credit.

Currently, three major companies handle business credit reporting — Equifax, Experian, and Dun & Bradstreet. Each varies slightly in their reporting, but each offers ways to monitor your business credit score and standing and allows you to update business information if the need should arise.

Building business credit is not complicated, but it does take time and dedication. Doing so will ensure that your business is equipped and prepared for whatever the future may hold.


Source: https://www.zdnet.com/article/build-business-credit/
