Cyber security news for all


    Valak hacks often start with small, seemingly insignificant steps

    Valak was registered last year for the first time and classified as a loader, which was used in several campaigns especially in the USA. It was found in an investigation in April 2020 that Valak was primarily used for attacks in the United States.

    Primarily Attacks Administrators And Corporate Networks

    Exchange server infiltration collects and steals confidential information from the Microsoft Exchange mail system, including login information and the domain certificate.

    Comprehensive features and modular architecture: The basic features of Valak can be expanded with a number of plug in components for espionage purposes and data theft. Valak has developed from a simple loader to a sophisticated, multi stage malware that extends its functionality using plugins from your server. There are other plugins, which are obviously both primarily used for attacks on companies.

    Although Valak only appeared last year and was then categorized as a simple malware loader by various security analysts, the investigation shows that Valak hides a much more far reaching threat. In fact, we are dealing here with sophisticated modular malware that has innumerable functions for data espionage and for the theft of data.

    These advanced malware features indicate that Valak can be used independently as well as with other malware. It should be mentioned that the threat actor responsible for the malware apparently works with like minded people within the e-crime and with the aim of developing a far more dangerous version of the malware. The attacks with Valak are currently apparently focused on targets in the United States. It is expected that the malware will evolve and increase its popularity among cybercriminals. The cyber teams continuously monitor the development, including whether and when other regions will be affected in the future.

    Recent Articles

    Cyber threats become more dangerous to secure the digitization

    The pandemic has provided a boost to digital world. But now it is important to secure it. Examples of developments in the pandemic are...

    Sopra Steria was encrypted with Ryuk ransomware

    Last week, there was a successful ransomware on the servers of the French provider Sopra Steria. In an extremely brief statement, the company only...

    Emotet takes unusual approaches and loads new malware

    Even those who are not concerned with the security have mostly heard of Emotet. The malware has been up to mischief for several years,...

    Cyber criminals could exploit the Oracle network

    The software manufacturer Oracle network only holds its updates every three months. Oracle speaks of security gaps - Due to the extensive product range...

    Unauthorized access at Scalable Capital

    There has apparently been unauthorized access to individual data at Scalable Capital. The company informed its customers about the incident by mail yesterday, referring...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox