CISA Warns Of LokiBot Uptick – Expert’s Perspective

CISA today warned of a substantial increase in the use of LokiBot “info stealer” malware by bad actors since July 2020, as detected by CISA’s EINSTEIN Intrusion Detection System. LokiBot uses credential- and information-stealing malware that’s typically sent as a malicious attachment, and can also create a backdoor into infected systems to let attackers install additional payloads. It’s known as an easily deployable, effective threat and is often used in campaigns targeting Windows and Android operating systems to push malware via email, malicious websites, text and messaging. An expert with Gurucul offers perspective.


EXPERTS COMMENTS
Mark Bagley, VP of Product,  AttackIQ
September 24, 2020
Cyberattacks have been evolving and growing at an alarming rate in the recent past, sparing no industry from disruption.
Cyberattacks have been evolving and growing at an alarming rate in the recent past, sparing no industry from disruption. The increase of LokiBot malware incidents shines a light on why organizations should take a proactive approach to testing and validating their security controls. Understanding common adversary tactics, techniques, and procedures, as outlined by the MITRE ATT&CK framework, allows ....
[Read More >>]
Saryu Nayyar, CEO,  Gurucul
September 23, 2020
Fortunately, our security tools have also improved over time.
The recent advisory on the LokiBot malware is another indication of how malware authors have turned their malicious activities into a scalable business model. The fact that LokiBot has been around for over four years and has gained in capability over time is a reflection of how much malicious actors have advanced the state of their art, leveraging the same development models we use in the commerci ....
[Read More >>]

If you are an expert on this topic:

Submit Your Expert Comments


In this article