Hackers often use legitimate software in attacks to hide from antivirus

Attackers like to install Ngrok on infected PCs and use it to control the victim's system

Hackers often use legitimate software for their purposes. It helps them stay invisible to antivirus and other security systems. This was stated by Alexey Lednev, Head of Expertise at PT Expert Security Center at Positive Technologies.

Attackers quite often use legitimate tools to carry out cyberattacks, because thanks to them they can hide their activities and remain unnoticed by some means of protection.
Alexey Lednev, Head of Expertise at PT Expert Security Center at Positive Technologies

Antivirus software may not notice the use of such tools or mark them as unwanted software. Usually, this does not cause an immediate reaction from cybersecurity specialists.

As an example of how software can be misused, the expert mentioned Ngrok. This software allows you to turn a regular computer into a server that can emulate the launch of a website or software with online functions.

This function is often used by developers to demonstrate pre-release versions of their products to customers or colleagues. When using Ngrok, the developer provides customers or colleagues with access to the product and, therefore, to their computer via a secure channel called a "tunnel".

According to Lednev, attackers often install Ngrok on infected computers. They use this software to control the victim's system. Since Ngrok is considered legitimate software, security systems may not recognize it as a threat and may let traffic pass between the infected computer and the hacker's device.

Ngrok is held in high esteem by hackers, as it helps build tunnels into the infrastructure being attacked. It has been used very actively in recent years. According to the analysis of the Positive Technologies incident response team, it is used in 16–25% of all attacks.
Alexey Lednev, Head of Expertise at PT Expert Security Center at Positive Technologies
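
Because the tool is legitimate, hunting for it works best by separating hosts where it is expected (developer machines) from hosts where it is not. The following is an added example, not code from the article or from Positive Technologies: it scans DNS and process-creation records for Ngrok activity and marks each host as approved or not. The log layout, host names and allowlist are constructed, and the domain suffix list is an assumption that should be checked against Ngrok's current documentation.

```python
import re
from collections import defaultdict

# Assumption: domain suffixes used by the ngrok service (agent connections
# and public tunnel endpoints). Verify against ngrok's documentation.
NGROK_SUFFIXES = ("ngrok.io", "ngrok.com", "ngrok.app", "ngrok.dev",
                  "ngrok-free.app", "ngrok-free.dev")

# Constructed allowlist: hosts where developers are permitted to run ngrok.
APPROVED_HOSTS = frozenset({"DEV-0007"})

# Constructed sample records in a hypothetical "timestamp host source detail" layout.
SAMPLE_EVENTS = """\
2024-05-14T09:12:01Z WS-0142 dns www.example.org
2024-05-14T09:12:07Z WS-0142 dns tunnel.eu.ngrok.com
2024-05-14T09:12:08Z WS-0142 proc C:\\Users\\Public\\svch.exe tcp 3389 --authtoken REDACTED
2024-05-14T09:13:40Z DEV-0007 dns a1b2c3.ngrok-free.app
2024-05-14T09:14:02Z DEV-0007 proc C:\\tools\\ngrok.exe http 8080
2024-05-14T09:15:10Z SRV-DB01 dns notngrok.io
"""

# Match the ngrok binary by name, or its authtoken flag when the binary was renamed.
PROC_RE = re.compile(r"(^|[\\/])ngrok(\.exe)?(\s|$)|--?authtoken\b", re.IGNORECASE)

def is_ngrok_domain(name):
    """True only on a label boundary, so 'notngrok.io' does not match."""
    name = name.lower().rstrip(".")
    return any(name == s or name.endswith("." + s) for s in NGROK_SUFFIXES)

def hunt(events_text, approved_hosts=APPROVED_HOSTS):
    """Return {host: {"approved": bool, "evidence": [(ts, source, detail), ...]}}."""
    findings = defaultdict(list)
    for line in events_text.splitlines():
        parts = line.split(None, 3)
        if len(parts) < 4:
            continue  # skip malformed records
        ts, host, source, detail = parts
        if source == "dns" and is_ngrok_domain(detail):
            findings[host].append((ts, "dns", detail))
        elif source == "proc" and PROC_RE.search(detail):
            findings[host].append((ts, "proc", detail))
    return {h: {"approved": h in approved_hosts, "evidence": ev}
            for h, ev in findings.items()}

if __name__ == "__main__":
    for host, info in hunt(SAMPLE_EVENTS).items():
        label = "expected" if info["approved"] else "INVESTIGATE"
        print(f"{host}: {label}, {len(info['evidence'])} record(s)")
```

Hosts that show Ngrok activity without being on the allowlist are the ones to triage first; correlating the DNS hit with a process record on the same host helps when the binary has been renamed.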

Earlier it became known that the Cabinet continues to improve laws against fraudsters. New initiatives give law enforcement agencies the right to block funds in citizens' accounts without a court order. This is aimed at combating cybercrime and theft. The block will last no more than ten days and will only affect the stolen amount.
