How to prevent a NukeBot trojan attack
While most of us use the internet on a day-to-day basis, not many of us are aware of the dark web, a digital black market where one can get hold of literally anything, from banned substances to malware that can wreak havoc.
NukeBot is one such piece of malware, put up for sale in the cyber community in December of last year. IBM X-Force researchers were the first to find the malware advertised for sale. However, unlike other malware that usually generates interest in the dark web community, NukeBot went almost unnoticed. The publisher of the malware was instead banned from several forums.
His ego dented, the developer of the malware published/leaked the source code himself. NukeBot turned out to be a Trojan that comes with a web-based admin panel that lets attackers control infected endpoints. With the source code apparently in the open, the malware has been picked up, and NukeBot is currently being employed in attacks on the financial system. As happens with most leaked malware, the source code will most likely be embedded into other malware, and the resulting variations make it difficult to detect.
How to prevent NukeBot attacks?
As the age-old saying goes, it is always better to be safe than sorry. One way to do this is to stop malware before it starts spreading and causing damage. Banks and other financial services can take proactive measures before the malware hits their networks. I have listed some elementary but effective steps for combating NukeBot.
Basic email hygiene
In most cases, the threat’s first point of interaction is the PC or mobile endpoint. Social engineering is one of the most preferred methods of gaining access. It’s also advisable to install a comprehensive antivirus such as Bitdefender. Ensure that you toggle on its ‘Safe Browsing’ feature.
Received an email attachment you were not expecting? Think twice before opening such attachments, as this is one of the common ways to load malware onto your system. Malicious emails usually seem to convey a rather exciting proposal and are likely to contain spelling and formatting errors. Even if you are sure of the source, it’s always better to scan attachments for malware before actually opening them.
Avoid transactions on public networks
Malware is often injected via public Wi-Fi, so it’s advisable to use a VPN. This will help you prevent NukeBot from infecting your device.
Stay away from free stuff
As a rule of thumb, stay away from free stuff, especially on a computer that you use for online transactions. Malware is often baked into free campaigns, and exploit kits are injected into the victim’s computer. The free offers usually come with a backdoor to the endpoint, which is eventually used to push spyware, ransomware or banking trojans to it.
Update all your devices
Make sure that you update all your devices, including smartphones, to the latest security update. This is crucial, as the manufacturer usually deploys patches for exploits in every security update. Lock both your smartphone and computer with a password. It’s also advisable not to root or jailbreak your phone, as this might help intruders find more back doors.
Presence of mind
Look out for odd behavior and ensure that you switch on two-factor authentication for all third-party apps. It’s also advisable to use a security app on your mobile devices.
The aforementioned steps will not only help you prevent a NukeBot attack but will also safeguard you from other malware with similar traits.