Microsoft’s PowerShell is being increasingly used to spread malware

By: Costea Lestoc
2 minute read

We have to agree that Microsoft’s PowerShell is an awesome tool for IT professionals that are running Windows on their machines, but it seems that cyber criminals are now using it to spread malware.

According to Symantec, there are a large number of malicious PowerShell scripts in the wild and it seems these threats are growing at a fast pace, especially in the case of companies using the shell framework.

The security firm claims that most malicious PowerShell scripts are being used as downloads. Once the download is finished, the code is executed on the infected computer and, after that, the malware is spread across the entire network.

Scripts That Are Used To Remove Security Protection

Symantec claims that there are three common malware families that are spreading via PowerShell scripts: Trojan.Kotver, W97M.Downloader and JS.Downloader.

Symantec said that “over the last six months, we blocked an average of 466,028 emails with malicious JavaScript per day, and this trend is growing. Not all malicious JavaScript files use PowerShell to download files, but we have seen a steady increase in the framework’s usage”.

To make things even worse, cyber criminals are now creating more complex PowerShell scripts that function in stages, so instead of infecting the target computer directly, it will actually link it to a different script that will eventually launch the malware. By doing this, the malware is bypassing certain security solution and protection applications, including cases where scripts can be developed to uninstall some security solutions or even steal passwords that are used in the network.

We suggest you update your security software as often as possible in order to keep your computer safe. At the same time, you should always have the latest version of PowerShell installed.

Are you using PowerShell? Tell us your thoughts about the security issues this application comes with!

RELATED STORIES TO CHECK OUT:

For various PC problems, we recommend this tool.

This software will repair common computer errors, protect you from file loss, malware, hardware failure and optimize your PC for maximum performance. Fix PC issues now in 3 easy steps:

  1. Download this PC Repair Tool rated "Excellent" on TrustPilot.com.
  2. Click “Start Scan” to find Windows issues that could be causing PC problems.
  3. Click “Repair All” to fix all issues with Patended Technologies (requires upgrade).

Discussions

Next up

Best Windows 10 antivirus software to use in 2018

By: Radu Tyrsina
7 minute read

Update – 2018 will soon come to an end and we already have a guide on what is the best antivirus you should get in […]

Continue Reading

These features are out for good with Windows 10 version 1809

iamsovy@gmail.com' By: Sovan Mandal
2 minute read

Microsoft is all set to launch its next big update, Windows 10 version 1809 in October. While that should be a nice piece of news […]

Continue Reading

Windows 10 18H2 builds no longer receive new features

By: Matthew Adams
3 minute read

The Windows 10 October 2018 Update (otherwise 18H2) rollout might now be two to three weeks away. For the last few months, new build previews […]

Continue Reading