According to the company on cyber security GuardiCore, they discovered the virus software of the company “Prowli Malware” which manipulated the traffic and set exploits for mining cryptocurrency. They were infected more than 40,000 computers in various industries including Finance, education and government agencies.
Prowli Malware campaign used various methods to spread malware, such as exploits and hacks passwords, using web servers, modems and devices the Internet of Things (IoT). Experts GuardiCore was discovered that the hackers behind the Malware Prowli, was focused more on making money than on ideology or spying.
Impact of virus ON
According to the report, a compromised device has been infected with a miner Monero (XMR) and the worm r2r2, who conducted the attack using SSH on jailbroken devices and supported Prowli for impact on new victims. In other words, arbitrarily generating an IP block, r2r2 tries to decrypt SSH-logins and passwords of the user, and after the break-launches a number of tools to unauthorized mining.
In addition, the cyber fraudsters used a malicious script with open source code called “WSO Web Shell” to host malicious code on compromised web sites that redirect site visitors to the system traffic distribution, and then to other malicious sites. Once redirected to the fake site, users became victims, after using malicious browser extensions. According to the team GuardiCore, Prowli virus managed to get into the system more than 9,000 companies.
If you find an error, please highlight the text and press Ctrl+Enter.