Are your operations safe from the latest cyber scams? A malware alert from DomainTools Investigations (DTI) specialists reveals hackers are exploiting popular digital platforms to target establishments like yours. Learn more about it here.
Deceptive Tactics at Play
As the name suggests, DocuSign simplifies document signing — no printing, no scanning, just easy electronic transactions. Gitcode, on the other hand, streamlines code management and enables easy collaboration and version control.
Unsurprisingly, these tools are a mainstay in many companies’ daily activities. Threat actors are taking advantage of their popularity, as seen in the latest wave of cybersecurity incidents.
We can thank the team at DTI for discovering how these attacks work:
- Creating the lure: Criminals use a tactic called “spoofing,” where they craft fake versions of websites. People typically end up on these platforms due to email spam, malvertising, and social engineering.
- Malicious instructions: Users might get a seemingly harmless CAPTCHA verification screen, but checking the box creates a copy of a PowerShell script to your clipboard. It directs you to paste and run it via the Windows Run prompt.
- Infection: Once executed, the script downloads a more sophisticated script that retrieves additional payloads and eventually installs a NetSupport remote access trojan (RAT) virus.
- System takeover: The software allows attackers to gain full administrative privileges and steal sensitive data remotely. What’s worse, it also becomes easy to distribute RATs to connected computers.
Detecting Remote Access Trojans
RATs are good at remaining undetected; only specific scans can confirm their presence. You can, however, stay on the lookout for the warning signs of a security breach:
- Virus detection programs bugging out or constantly crashing
- Computers and devices running considerably slower than normal
- Constantly redirected browser requests or web pages refusing to load
- Presence of files and programs not installed by your team
First, limit the damage with a company-wide malware alert instructing everyone to disconnect their devices from the network. Contact your IT department or hire an independent team to investigate and resolve the issues.
How Can You Stay Ahead of Elusive Malicious Software?
Prevention is always the best cure. Avoid company data and system compromise by incorporating these steps into your cybersecurity routine:
- Educate your team: Human error is one of the biggest risks in today’s digital landscape. Train staff members to recognize phishing attempts and follow safe browsing habits.
- Create strong passwords: Require complex combinations of uppercase and lowercase letters, numbers, and symbols. Enable multi-factor authentication whenever possible, too.
- Invest in robust antivirus software: Think of it as your company’s digital guard dog, ready to fend off intruders 24/7. It will lock any suspicious activity and send you a threat notification.
- Update systems and software frequently: Outdated tools are like leaving the back door open — don’t give hackers an easy way in.
Why wait for another cyberattack warning? The recent malware alert from DTI shows that threat actors are becoming increasingly sophisticated. Proactively strengthening cybersecurity measures isn’t just a precaution but a necessity for any business.
