In an effort to strengthen the Google security operations community, Google’s managed defense team has released an in-depth technical analysis of a verified malware threat that functions as a backdoor and supports commands for tracking, screen capture, audio recording capture, remote shell, file transfer, and file execution. The malware, Playfulghost, has been seen spreading through SEO poisoning techniques that “bundle” it with well-known VPN apps and other tools. Here is what you should know.
Google Alerts People to the Playfulghost Backdoor Threat
Google security professionals have agreed to assist the Google security operations community by sharing the knowledge needed to recognize both new and recurring malware threats, as part of a threat analytics blog series titled Finding Malware. For customers who want to safeguard themselves against the most current risks, the same threat information outlet is also a goldmine of awareness opportunities. After all, power comes from knowledge. This material is obviously too technical for the majority of customers, which is where I come in as a tech-speak-to-normal translator.
The new Playfulghost threat is built on an earlier remote management tool, an internet-based trojan called Ghost, which has been in the security spotlight since 2008.
The head of the Google managed defense team, identified only as Tatsuhiko, stated that Playfulghost differs from the original by “using different patterns of traffic and encryption.” Playfulghost has two main distribution methods to keep an eye out for, and phishing is one of them: “Where there is malware, there is phishing.” I’m thinking about having that security mantra permanently inked on my forehead to raise awareness. Tatsuhiko stated that emails with themes related to a “code of conduct” have been seen to function as a springboard for tricking recipients into installing malicious programs.
Addressing the VPN Backdoor Threat Identified by Google
Please review the whole Google report about Playfulghost, but in the meantime, make sure that you are taking appropriate measures to protect yourself against the threats posed by this type of malware. This entails being aware of the methods that attackers employ to fool you into installing such backdoor programs in the first place. In the present case, that means being aware of phishing and taking measures against it, as well as of the risk of malvertising and of downloading apps that appear authentic but really come from unofficial sources.