Home News StripedFly Malware: Threat Unveiled

StripedFly Malware: Threat Unveiled

0

Kaspersky cybersecurity researchers recently unearthed an intriguing malware, StripedFly. Initially mistaken as a mere cryptocurrency miner in 2017, StripedFly’s true potential has only recently come to light. This malware can execute remote commands, capture screenshots, and pilfer sensitive data, including passwords. Additionally, it can harness the integrated microphone to record audio, traverse to neighboring endpoints through pilfered credentials, exploit EternalBlue for system infiltration, and even engage in Monero mining.

StripedFly Malware: Threat Unveiled

The Monero Mining Ruse

Monero mining serves as a clever diversion tactic, hampering code analysis efforts.

This stratagem yielded success, with an alleged one million compromised devices. However, uncertainty surrounds this number; only verifiable data pertains to 220,000 Windows infections since February 2022, obtained from a Bitbucket repository created in 2018.

Kaspersky estimates well over a million infections, especially since StripedFly targets both Windows and Linux endpoints.

The masterminds behind this operation remain a mystery. While Kaspersky refrains from labeling it as state-sponsored, it aligns with the characteristics of an Advanced Persistent Threat (APT), often associated with state backing.

Kaspersky’s report highlights the malware’s versatility, functioning as an APT, crypto miner, and even a ransomware group. The Monero cryptocurrency reached its peak value at $542.33 on January 9, 2018, compared to around $10 in 2017, maintaining a value of approximately $150 as of 2023.

Crucially, the mining module is the linchpin enabling this malware to elude detection over an extended period.

NO COMMENTS

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Exit mobile version