• IcedID is a dreaded trojan
• Within hours, hackers take control of the system
• There are ways to protect yourself

Ransomware and data breaches are two of the top cyber threats facing businesses. Once hit, companies often have no choice but to pay the ransom, or risk going out of business.

IcedID, a formidable piece of malware

Cybereason researchers have just published a report on the IcedID malware. It is a Trojan that has been circulating for many years, but its use has increased lately, in particular through a phishing campaign that tricks users into believing they need to update their Zoom software.

In just a few hours, the security of a company’s computer system can be compromised. Everything starts with a single link in the chain, whatever that person’s rank. The target begins by opening an ISO file, which mounts as a virtual disk. Mounting an ISO can sometimes be legitimate, but here the trap closes and the infection process begins.

What follows requires some technical skill on the attacker’s side, but nothing insurmountable. Within approximately 46 hours, the malicious actors gain access to the entire system and can return to it later, even if IcedID has been spotted and cleaned from all computers.

The attackers are then spoiled for choice: depending on their intentions, they can install ransomware to extort money, or go straight for the information, if that is their objective.

How to protect against this threat?

Faced with this very concrete threat, Cybereason researchers offer companies some valuable advice. In particular, they suggest ensuring that all operating systems and software in use are properly updated, since attackers are known to take advantage of security flaws to carry out their attacks.

Another basic measure is to prevent employees from opening ISO files unless absolutely necessary. As this is the preferred way in for IcedID, this is where the solution lies.
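A restriction on ISO files is easier to enforce when disk images are recognized by content rather than by file extension. The following is an added example, not taken from the Cybereason report or the original article; the function names and the sample files it builds are assumptions made for illustration.

```python
import os
import tempfile

SECTOR = 2048                      # optical-media logical sector size
FIRST_DESCRIPTOR = 16 * SECTOR     # volume descriptors start at sector 16
# Standard identifiers found at bytes 1-5 of a volume descriptor.
KNOWN_IDS = {b"CD001": "iso9660", b"BEA01": "udf",
             b"NSR02": "udf", b"NSR03": "udf"}

def disk_image_kind(path, max_descriptors=8):
    """Return 'iso9660', 'udf' or None based on content, not file extension."""
    try:
        with open(path, "rb") as fh:
            for i in range(max_descriptors):
                fh.seek(FIRST_DESCRIPTOR + i * SECTOR)
                header = fh.read(6)          # type byte + 5-byte identifier
                kind = KNOWN_IDS.get(header[1:6])
                if kind:
                    return kind
    except OSError:
        pass                                 # unreadable file: left unclassified
    return None

def find_disk_images(root):
    """Walk root and list (relative path, kind) for every disk image found."""
    hits = []
    for folder, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(folder, name)
            kind = disk_image_kind(full)
            if kind:
                hits.append((os.path.relpath(full, root), kind))
    return sorted(hits)

def demo():
    """Scan a temp directory filled with constructed sample files."""
    iso_like = b"\x00" * FIRST_DESCRIPTOR + b"\x01CD001\x01" + b"\x00" * 64
    samples = {"Setup.iso": iso_like,        # constructed names and contents
               "invoice.pdf": iso_like,      # image hidden behind another extension
               "notes.txt": b"meeting at 10\n"}
    with tempfile.TemporaryDirectory() as root:
        for name, data in samples.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(data)
        return find_disk_images(root)

if __name__ == "__main__":
    for rel, kind in demo():
        print(f"{kind}\t{rel}")
```

Pointed at a downloads folder or a mail-quarantine directory, `find_disk_images` lists files that would mount as a virtual disk even when they have been renamed.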

The presence of security solutions adapted to the needs of a company is essential in order to better identify suspicious activities on the system.

Another aspect to consider is staff awareness of cyber threats. As the IcedID example shows, a few seconds of inattention can have particularly harmful consequences for the entire organization. When employees pay closer attention while reading their emails, everyone’s security is reinforced.

California18
