CONSULTING & SERVICES

Research - Consulting - Compliance
Unfortunately, malware has been silently destroying the digital world, and most companies continue to believe that traditional defenses can help them prevent and block these kinds of threats. They are not even close...

Of the companies that sought BlackStorm's services, more than 70% were infected by some kind of malware (virus, trojan, ransomware, spyware, adware, rootkit, bootkit and so forth).


Of these, not a single one had detected the infection prior to our analysis.


And all of them were properly equipped with one or more protection products, which should not be discarded but are insufficient.
Most modern malware has rootkit features, which conceal its malicious actions and keep it under the radar. Operating system commands and common applications are not able to detect it.
Several modern malware families run only in memory and never touch the disk.

Once the computer is infected, the malware creates an encrypted Internet tunnel (like a VPN) through ports 53 and 80 to send and receive data. In such cases, firewalls, IPS/IDS and DLP programs will not be able to distinguish this malicious traffic from genuine traffic.
There are dozens of tricks (process hollowing, code injection, packers, crypters, and so on) that easily deceive many antivirus/antimalware programs.

And nowadays a new kind of malware is growing quickly: ransomware, programs that hijack all your data via unauthorized encryption and demand a ransom in exchange for the key. Once the data is encrypted, it is very, very difficult to recover it without paying the money, usually between USD 10 and USD 30 thousand in virtual currencies such as Bitcoin.
Also, contrary to popular belief, Linux and Mac OS systems are susceptible to malware infection. Worse, most machines running Linux and Mac OS usually don’t have an antivirus program installed.

On Mac alone, more than 24,000 malicious codes had been identified by 2016, and the number of attacks increased 5 times between 2012 and 2016 (source: Kaspersky Lab database):
5x more different infections in 4 years!

Regarding Linux, because it is less widely used in the world, it still does not attract much attention from hackers and the black market; however, on this system alone we can already see an annual increase, reaching today 5% of the total number of infections when compared to other systems (source: Cylance).
This scenario can explain the data we see above: an exponential growth in attacks, year by year.
Conclusion:

Companies imagine they are protected by the use of tools, but only 30% of them really are.
The use of antivirus and antimalware programs, although mandatory, is not enough to prevent infections.
This is evidenced by the exponential increase in the number of new infections in all operating systems, every year.

Are you sure that your systems are not infected? Think about it.

Blackstorm Security has been providing the following services to several clients:
Malware Analysis.
Digital Forensic Analysis.
Incident Handling and Malware Hunting.
Security Advisory and Security Evaluation.
Security Awareness.
Lectures.
Trainings.