Cryptocurrency-mining malware infected about 50% of the workstations at a European international airport.
The malware affects the airport's entire system.
Suspected Malware
According to researchers, the malware was discovered while installing Endpoint Detection and Response (EDR). EDR is an advanced behavioral detection and threat hunting platform that helps detect such issues.
When the EDR was rolled out at the international airport in Europe, the researchers identified an interesting cryptomining infection: cryptocurrency mining software was installed on more than 50% of the international airport's workstations, as the media reported.
The detected malware was associated with the anti-coinminer campaign reported by Zscaler in 2018. It exhibited the behavior of launching multiple processes over a short time frame, and the malware was presumed to be a bitcoin miner.
How the malware got into the workstations has not yet been traced. All the workstations at the airport run an industry-standard AV solution, which also did not detect the malicious activity.
The threat actor used reflective DLL loading, a typical evasion tactic that can mask the loading or installing of malware files. The malware that was found had been in use for months before the installation of EDR.
According to the media, because the malware happens to be a cryptocurrency miner, the business impact was relatively minor and limited to performance degradation, which can lead to reduced quality of service and service interruptions, along with an increase in power consumption throughout the airport.
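The "multiple processes over a short time frame" behavior mentioned above is the kind of signal a behavioral rule can key on. The following sketch is an added example, not code from the researchers or from any EDR product; the event layout, host and image names, and the window and threshold values are all assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed process-creation events: (host, ISO time, parent image, child image).
# Every value here is made up for illustration.
SAMPLE_EVENTS = (
    [("WS-014", f"2024-01-01T09:00:0{s}", "svc-helper.exe", "worker.exe")
     for s in range(1, 7)]                      # 6 children in 6 seconds
    + [("WS-020", f"2024-01-01T09:0{m}:00", "updater.exe", "patch.exe")
       for m in range(0, 5)]                    # 5 children, one per minute
    + [("WS-014", "2024-01-01T08:15:00", "explorer.exe", "outlook.exe"),
       ("WS-014", "2024-01-01T11:40:00", "explorer.exe", "excel.exe")]
)


def find_process_bursts(events, window_seconds=10, threshold=5):
    """Return {(host, parent): peak child count} for every parent that
    started at least `threshold` children inside one sliding window."""
    window = timedelta(seconds=window_seconds)
    recent = defaultdict(deque)  # (host, parent) -> creation times still in window
    bursts = {}
    # ISO timestamps in one format sort chronologically as strings.
    for host, ts, parent, _child in sorted(events, key=lambda e: e[1]):
        when = datetime.fromisoformat(ts)
        times = recent[(host, parent)]
        times.append(when)
        # Discard creations that have aged out of the window.
        while when - times[0] > window:
            times.popleft()
        if len(times) >= threshold:
            key = (host, parent)
            bursts[key] = max(bursts.get(key, 0), len(times))
    return bursts


if __name__ == "__main__":
    for (host, parent), count in find_process_bursts(SAMPLE_EVENTS).items():
        print(f"{host}: {parent} started {count} processes within 10 s")
```

Grouping by host and parent keeps a slow, steady spawner such as the constructed `updater.exe` below the threshold, while the tight burst on WS-014 is flagged.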
Modified attackers
The highest possible privileges were used to take precedence over any other application for the use of workstation resources. The threat actors modified the malware's techniques so that it would be more challenging to identify on an infected computer.
Followed
As the best way to protect its systems, a company can pair AV with EDR for the prevention and detection of malware rather than using AV alone.
If you have any suggestions for this Cryptocurrency Miners article, let me know in the comment section. Thank you.