NSFOCUS Detects Two Satan Variants Targeting Financial Sector

NSFOCUS Detects Two Satan Variants Targeting Financial Sector

January 17, 2019 | Adeline Zhang

 
In early November of 2018, NSFOCUS spotted the first variant of Satan malware that targets Linux and Windows systems and spreads by exploiting various application vulnerabilities. A few weeks later, NSFOCUS came across a second variant of this Satan, capable of self-propagation via Windows and Linux platforms. These two variant detections are just another notch in the belt of the new ransomware ongoing prominence and evolution as a digital threat.

Since entering the digital threat landscape as a ransomware-as-a-service (RaaS) in January 2017, Satan operators have updated its capabilities to expand its reach. In April of 2018, Blaze’s Security Blog reported that a Satan variant had abused the EternalBlue exploit to spread across vulnerable systems. 360 Total Security later observed that the threat had added two new system vulnerabilities to its arsenal.

Once the variant gets one foot in the door of a system, the virus propagates itself further without causing additional damage. Satan’s evolution embodies ransomware’s ongoing prominence as a digital threat. To defend against Satan Variants, security professionals should be patching software vigilantly and regularly, and should implement an antivirus solution that is compatible with Anti Malware Scanning Interface (AMSI) to protect their networks.

More information can be found in SecurityIntelligence’s recent article on NSFOCUS’ discovery and Satan variants, here: New Satan Variants Target Financial Sector With Monero Miners and Ransomware.

For more outlooks and insights from NSFOCUS, check out our other recent coverage:

Email Attachments, IoT, and Cryptominers to be Security Pain Points in 2019VMBlog