Malware

OSAMiner: The Apple cryptojacker that hid for five years

While OSAMiner has been around since 2015, and known since at least 2018, a newly discovered version of OSAMiner has remained hidden from researchers by cleverly concealing one run-only AppleScript inside of another run-only AppleScript. Run-only scripts do not contain human-readable code and are notoriously difficult to fully decompile. Some IoCs had been identified in these campaigns, but a full analysis was not previously available, leaving some of the critical files in these campaigns lurking in the dark. This has changed with a couple of recently developed tools to aid in decompiling AppleScripts.

Using these tools, we can now get a better view of the internals of the files in this cryptojacking campaign, as well as a broader view of the files associated with the malware.

Acronis secure software development lifecycle

Reports state that SolarWinds’ Orion business software was compromised and used in a supply-chain attack by SUNBURST malware. The distributed malware then used elevated credentials gained by compromising network traffic management systems to target FireEye, a cybersecurity firm, and several U.S. government agencies. Details of the attack are available from the Cybersecurity and Infrastructure Security Agency (CISA).

While not affected by this event, Acronis wants to reassure partners and customers that we have a strict, secure software development life cycle (SDLC) in place, which we continuously strengthen, to ensure our solutions are safe, secure, and reliable.

New update adds vulnerability assessments to Acronis True Image

Our commitment to keeping users protected means enhancing Acronis Cyber Protection Solutions with the capabilities needed to keep their system, device data, and backups secure from the latest threats. That’s why today, we’re releasing an update to Acronis True Image that adds a new vulnerability assessment tool to close the gaps in their system’s security, as well as an enhanced anti-ransomware engine and improved disk cloning capabilities for Windows machines.

CoronaVirus ransomware and infostealer attack

At the moment, scammers are trying to cash in by sending out emails that promise pandemic relief money. The emails impersonate official entities such as the U.S. Federal Reserve or other official institutions. With subject lines like “Receive Payment” or “Relief Payment Form”, anxious users are motivated to click on a link that redirects to a phishing website, which tries to steal personal information or online banking credentials. Other email variants use these stimulus bills as bait to deliver a password-protected “COVID 19 Relief.doc” document that contains a financial trojan or ransomware.

And we still see waves of classic COVID-19 themed malware threats making the rounds. One such threat that we came across recently dropped a combination of ransomware and infostealer malware.

Acronis detects spike in malware attacks during coronavirus pandemic

No one needs a reminder of the enormous toll that the COVID-19 pandemic is inflicting on lives around the globe. It is affecting our physical and mental health, our economic prospects, and our connections to our loved ones.

But two months ago Acronis predicted a lesser-known side effect of the contagion: a flood of new cyberattacks committed by criminals who see financial opportunity in the confusion, fear, and drastically new work habits that the pandemic has thrust upon much of the world.

Now our global network of Acronis Cyber Protection Operations Centers has detected a spike in malware attacks that confirms those concerns.

Acronis Now Offers Backup for G Suite and Cryptomining Protection for Businesses

With two newly released updates, Acronis takes its cyber protection capabilities for businesses to an exciting new level, allowing IT pros and business managers to focus on other priorities and rest even easier knowing their data is safe. The latest updates add integrated G Suite protection to Acronis’ existing backup and recovery services for more than 20 platforms, plus built-in protection against cryptojacking, one of the fastest-growing malware threats.

Let’s take a closer look at how Acronis strengthened its cyber protection capabilities for businesses that take advantage of Acronis’ cloud offerings, Acronis Backup Service and Acronis Backup Cloud.

In case you missed it, Microsoft issued a warning last Friday to alert users that they might experience issues with the upcoming May 2019 Update for Windows 10 (version 1903) – and the issues are difficult to avoid. The good news is that Microsoft’s proactive communications mean you can take precautions to protect your data before you initiate the update.

Use these seven tips to manage any changes ahead, whether it’s a standard Win 10 update, you’re one of the 35% of companies upgrading from Win 7, or you’re coping with any future system update.

Protect infrastructure by blocking obvious vulnerabilities

In 1966, Robert F. Kennedy delivered a speech that cited an ancient Chinese curse: “May [you] live in interesting times.” He continued, “Like it or not, we live in interesting times. They are times of danger and uncertainty, but they are also the most creative of any time in the history of mankind.”

That measured perspective, simultaneously seeing the glass as half-empty and half-full, is a useful one to adopt when considering infrastructure vulnerabilities in 2019.

CRN Partner Program Guide 5-Star Award Winner

The Acronis Partner Program is a 2019 CRN Partner Program Guide 5-Star winner – a tremendous endorsement of the key ways we work to put our partners first.

Celebrating Advanced Tech and the Differentiation Paradox at CloudFest 2019

There’s no doubt businesses increasingly view the cloud as an agile, efficient way to manage their IT needs: 58 percent are moving toward a hybrid IT environment and another 18 percent are looking to move completely to the cloud (per 451 Research). This means that managed service providers (MSPs) need the right tools to stay in the game – and ahead of the competition – to facilitate this process for customers and capture some of the projected $186.4 billion cloud computing market.

Next week at CloudFest 2019, Acronis will join 7,000 global cloud, hosting, and service provider industry pros to share IT solutions that enable MSPs to solve pressing, complex customer problems. Here’s a preview of what will be top-of-mind at Acronis’ CloudFest booth #F04.