One of the more disturbing trends this year is that worms are becoming popular among the hackers of the world again.
We’ve seen a handful of new malware strains introduced in recent months with worm modules added to their code, allowing them to scan and infect Windows systems connected to the initial source of the infection.
That’s bad news for IT Security professionals around the globe. In the early days of the internet, some of the most devastating attacks were worm-based and caused no end of trouble to organizations of all shapes and sizes. Now, it seems that today’s hackers are dusting off one of yesteryear’s favorite tactics and giving it a new lease on life. Purple Fox malware is the latest strain spotted with a worm module attacked.
Purple Fox has been around a while as malware goes, being first spotted in the wild in 2018, when it infected in excess of 30,000 devices during the first campaign known to utilize it. As was the case then, Purple Fox isn’t terribly damaging in and of itself, but is primarily used as a dropper, to deploy other, more devastating forms of malware once it has gained a foothold on a target system.
Given that, and its new worm-like capabilities that allow it to spread like wildfire once it gets a toehold somewhere, it should be considered dangerous indeed.
Even more worrisome is the fact that after the initial spate of infections in 2018, the controllers of the code went relatively quiet until May of this year (2020), when Purple Fox attacks suddenly intensified, with more than 90,000 separate attacks in April and May of this year alone.
As if busy IT managers didn’t have enough to worry about, now they can add yet another item. Purple Fox looks like it’s here to stay.