
All-In-One Malware ‘Plurox’ Can Hack Your PC In ‘Three Different Ways’

by Cyber360 News
November 11, 2019
in Security

Kaspersky's security team has discovered a new strain of malware called Plurox, which packs a cryptominer, a backdoor, and worm-like plugins all into one.

Plurox is a cut above the regular malware. It comes with advanced capabilities that can spread the malware laterally to more systems and mine cryptocurrency using one of its eight different plugins.


This self-spreading virus has a modular structure that supports its multiple functions, such as a backdoor trojan and a cryptominer.

Modular structure of Plurox

At its core, Plurox contains a primary component that allows Plurox bots (the infected hosts) to communicate with a command and control (C&C) server.

The Kaspersky team says that this component is crucial and the authors of Plurox use it to download and run files on the infected hosts. The downloaded files are called “plugins,” which contain most of the malware’s features.

Motive behind Plurox: Cryptomining

Eight different plugins have been found in Plurox and their sole purpose is cryptocurrency mining. These plugins are tailored to various hardware configurations for CPU/GPU mining. In addition, there is a UPnP plugin and an SMB plugin.

By monitoring the malware’s activity, the team found two ‘subnets.’ One subnet is dedicated to receiving only mining modules and the other subnet is focused on downloading all modules that are available.

Although the purpose of having two separate communication channels is unclear, it does establish that the primary feature of both subnets is cryptocurrency mining.

Plurox inspired by NSA exploits

The SMB plugin mentioned previously is essentially a repackaged NSA exploit called EternalBlue that was publicly leaked in 2017.

The plugin allows bad actors to scan local networks and spread the malware to vulnerable workstations via the SMB protocol (running the EternalBlue exploit).

But that’s not all. The UPnP plugin is the sneakiest and nastiest of them all. It creates port forwarding rules on the local network of a compromised system and uses them to build backdoors into enterprise networks, bypassing firewalls and other security measures in place.

Once again, the inspiration behind the UPnP plugin came from another leaked NSA exploit, called EternalSilence. However, instead of using the actual EternalSilence code, the malware's authors developed their own version.
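For defenders, the forwarding rules described above can be audited on the gateway itself. The following is an added example, not code from Kaspersky or from this article: it parses responses to the UPnP IGD GetGenericPortMappingEntry action and flags enabled mappings that forward to SMB-related ports on an internal host. The sample responses, the function names and the list of sensitive ports are assumptions made for this example.

```python
import xml.etree.ElementTree as ET

# Assumption of this example: internal ports that should never be forwarded.
SENSITIVE_PORTS = {139: "NetBIOS", 445: "SMB"}

def make_response(ext_port, proto, int_port, client, enabled):
    """Build a constructed GetGenericPortMappingEntry SOAP response."""
    return (
        '<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body>'
        '<u:GetGenericPortMappingEntryResponse'
        ' xmlns:u="urn:schemas-upnp-org:service:WANIPConnection:1">'
        f"<NewRemoteHost/><NewExternalPort>{ext_port}</NewExternalPort>"
        f"<NewProtocol>{proto}</NewProtocol>"
        f"<NewInternalPort>{int_port}</NewInternalPort>"
        f"<NewInternalClient>{client}</NewInternalClient>"
        f"<NewEnabled>{enabled}</NewEnabled>"
        "<NewPortMappingDescription/><NewLeaseDuration>0</NewLeaseDuration>"
        "</u:GetGenericPortMappingEntryResponse></s:Body></s:Envelope>"
    )

# Constructed sample data, not taken from a real gateway.
SAMPLE_RESPONSES = [
    make_response(51413, "TCP", 51413, "192.168.1.20", 1),  # ordinary app mapping
    make_response(40445, "TCP", 445, "192.168.1.35", 1),    # SMB behind an odd port
    make_response(139, "TCP", 139, "192.168.1.35", 0),      # present but disabled
]

def parse_mapping(soap_xml):
    """Collect the New* arguments of one response, ignoring XML namespaces."""
    fields = {}
    for el in ET.fromstring(soap_xml).iter():
        name = el.tag.rsplit("}", 1)[-1]
        if name.startswith("New"):
            fields[name] = (el.text or "").strip()
    return fields

def audit(responses):
    """Return enabled TCP mappings whose internal port is in SENSITIVE_PORTS."""
    findings = []
    for soap_xml in responses:
        m = parse_mapping(soap_xml)
        int_port = int(m.get("NewInternalPort") or 0)
        if m.get("NewEnabled") != "1" or m.get("NewProtocol") != "TCP":
            continue
        if int_port in SENSITIVE_PORTS:  # match the internal port, not the external
            findings.append({"external_port": int(m["NewExternalPort"]),
                             "internal_client": m["NewInternalClient"],
                             "service": SENSITIVE_PORTS[int_port]})
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_RESPONSES):
        print("review mapping:", finding)
```

Matching on the internal port matters because a forwarding rule can expose SMB on any external port number, so a check of external ports alone would miss the second sample entry.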


Security researchers are still trying to figure out how the Plurox crew is spreading the malware to hijack larger networks. For more information, you can refer to Kaspersky’s SecureList blog.
