
Opinion: People who think they have an undetectable malware


Mildware

It's my first post here, but I've been lurking in the malware removal sections across Malwarebytes, Bleepingcomputer and Geekstogo for years as I'm fascinated by the stuff you guys do, so thank you for all your service.

 

I'm sure you are no stranger to people driven by paranoia thinking they have been infected with some undetected malware, zero day or a UEFI bootkit of sorts. You can literally see them at least once a day on these forums, and it honestly pisses me off that these people always seem adamant that they are infected despite having assurances from experts here. While I totally side with you guys on the matter, and I agree that no powerful organization would spend a large amount of resources just to target a random person, would it be possible that such attacks are actually more common than we expect? While targeting a single person would not be worthwhile, what if these stealthy exploits were abused to infect millions of systems to steal financial and sensitive data for profit?

 

Taking some past and recent exploits as examples, EternalBlue had gone undetected for years until it was stolen from the NSA and leaked to the public. If it hadn't been reported to Microsoft, wouldn't it be possible that threat actors who knew of it stole sensitive / financial data from millions of computers? Another example would be the Pegasus spyware which affected dozens of smartphones, which seems to have been patched but no reports of the extent of its damage have been made.

 

In a recent cybersecurity contest held in China known as the Tianfu Cup, hackers were also able to deliver a remote code execution and also a remote jailbreak on an iPhone 13 equipped with the latest iOS 15, along with dozens of other exploits on participating vendors (Microsoft 10, Chrome etc). What scares me is that the prize pool was only $1.9 million, and the team who had won was only awarded $650 000. Considering the severity of these exploits, I don't see why a black hat hacker stockpiling similar vulnerabilities wouldn't abuse them to earn much more by infecting millions of devices around the world. What are your thoughts on this?

 

https://www.forbes.com/sites/daveywinder/2021/10/30/hackers-breach-ios-15-windows-10-google-chrome-during-massive-cyber-security-onslaught/?sh=147b282c2f62
