Computer Emergency Response Team of Mauritius (CERT-MU)

Poweliks malware targets 200,000 computers with covert Windows registry attacks


Security researchers have found that cybercriminals targeted almost 200,000 computers over the past six months using a dangerous ‘file-less’ version of the Poweliks malware. More than 99.5 percent of these infections were found in the U.S. The researchers attribute the success of Poweliks to upgrades designed to improve its resilience against removal tools. As a file-less threat, Poweliks does not exist as a file on disk but resides solely in the registry, so it cannot be deleted from the compromised computer in the traditional sense. The threat also uses several other novel techniques to compromise infected computers. Poweliks uses a special naming scheme to hide in the registry and has consistently used CLSID (Class ID) hijacking as runtime load points in the registry.
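A defender can look for the CLSID load points described above by comparing per-user and machine-wide COM registrations. The script below is an added example, not code from CERT-MU or the researchers: it assumes the hijack appears as a per-user entry under `HKEY_CURRENT_USER\Software\Classes\CLSID` that overrides the machine-wide one (the page does not say where Poweliks writes), and the GUIDs and paths in the sample export are constructed placeholders.

```python
import re

# Constructed sample in `reg export` text style (not real Poweliks data).
# The GUIDs and DLL paths are placeholders invented for this example.
SAMPLE_EXPORT = r'''
[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{11111111-1111-1111-1111-111111111111}\InprocServer32]
@="C:\\Windows\\System32\\example.dll"

[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{22222222-2222-2222-2222-222222222222}\InprocServer32]
@="C:\\Windows\\System32\\other.dll"

[HKEY_CURRENT_USER\Software\Classes\CLSID\{11111111-1111-1111-1111-111111111111}\InprocServer32]
@="C:\\Users\\Public\\unexpected.dll"

[HKEY_CURRENT_USER\Software\Classes\CLSID\{33333333-3333-3333-3333-333333333333}\LocalServer32]
@="C:\\Program Files\\App\\app.exe"
'''

KEY_RE = re.compile(
    r'^\[(HKEY_LOCAL_MACHINE|HKEY_CURRENT_USER)\\Software\\Classes\\CLSID\\'
    r'(\{[0-9A-Fa-f-]{36}\})\\(InprocServer32|LocalServer32)\]$', re.I)
DEFAULT_RE = re.compile(r'^@="(.*)"$')

def parse_servers(text):
    """Return {hive: {(clsid, subkey): default_value}} from export text."""
    servers = {"HKEY_LOCAL_MACHINE": {}, "HKEY_CURRENT_USER": {}}
    current = None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("["):
            m = KEY_RE.match(line)
            current = (m.group(1).upper(), m.group(2).upper(), m.group(3).lower()) if m else None
        elif current and (d := DEFAULT_RE.match(line)):
            hive, clsid, sub = current
            servers[hive][(clsid, sub)] = d.group(1).replace("\\\\", "\\")
    return servers

def find_shadowed_clsids(text):
    """Per-user COM servers that override a machine-wide registration."""
    s = parse_servers(text)
    hklm, hkcu = s["HKEY_LOCAL_MACHINE"], s["HKEY_CURRENT_USER"]
    return sorted(
        (clsid, sub, hklm[(clsid, sub)], user_val)
        for (clsid, sub), user_val in hkcu.items()
        if (clsid, sub) in hklm and hklm[(clsid, sub)].lower() != user_val.lower())

if __name__ == "__main__":
    for clsid, sub, machine, user in find_shadowed_clsids(SAMPLE_EXPORT):
        print(f"{clsid} {sub}: HKLM={machine!r} overridden by HKCU={user!r}")
```

Because Poweliks uses a special naming scheme to hide in the registry, an export produced by standard tools may not show every entry, so an empty result is inconclusive rather than a clean bill of health.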
 
Source: V3.co.uk
 
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information
Postal address
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street
Port Louis