One of the more disturbing trends this year is that worms are becoming popular among the hackers of the world again.

We've seen a handful of new malware strains introduced in recent months with worm modules added to their code, allowing them to scan and infect Windows systems connected to the initial source of the infection.

That's bad news for IT Security professionals around the globe. In the early days of the internet, some of the most devastating attacks were worm-based and caused no end of trouble to organizations of all shapes and sizes. Now, it seems that today's hackers are dusting off one of yesteryear's favorite tactics and giving it a new lease on life. Purple Fox malware is the latest strain spotted with a worm module attacked.

Purple Fox has been around a while as malware goes, being first spotted in the wild in 2018, when it infected in excess of 30,000 devices during the first campaign known to utilize it. As was the case then, Purple Fox isn't terribly damaging in and of itself, but is primarily used as a dropper, to deploy other, more devastating forms of malware once it has gained a foothold on a target system.

Given that, and its new worm-like capabilities that allow it to spread like wildfire once it gets a toehold somewhere, it should be considered dangerous indeed.

Even more worrisome is the fact that after the initial spate of infections in 2018, the controllers of the code went relatively quiet until May of this year (2020), when Purple Fox attacks suddenly intensified, with more than 90,000 separate attacks in April and May of this year alone.

As if busy IT managers didn't have enough to worry about, now they can add yet another item. Purple Fox looks like it's here to stay.


Would you like to be a Power User? Sign up for "The Fix" our Mac Tips and Tricks newsletter here.
If you have any questions you can reach The MacGuys+ at 763-331-6227 or schedule an on-site visit here
 Mac IT for the Minneapolis, St. Paul, Twin Cities Metro, and Western WI Area! Nation Wide Work Anyplace Mac IT Support.

Used with permission from Article Aggregator