Close

CA warns of destructive banking virus targeting network systems

Cybersecurity researchers have found evidence they say could link North Korea with the WannaCry cyber attack
Cybersecurity researchers have found evidence they say could link North Korea with the WannaCry cyber attack

The Communications Authority has warned of an advanced and destructive banking virus targeting network systems.

The National Computer Incident Response Team Coordination Centre has so far detected 11 cases targeting local institutions.

CA Director General Tom Olwero in a statement on Monday said the malware, Emotet, is disseminated through malicious email attachments or links posing as invoices, payment notifications and bank account alerts.

Olwero said the virus can evade typical signature-based detection and has several methods for maintaining persistence, including

auto-start registry keys and services.

It also uses branding seemingly coming from legitimate organisations.

"Emotet is notorious for its modular architecture, persistence techniques, and worm-like self-propagation that rapidly spread network-wide infection," he said.

"Once downloaded, Emotet establishes persistence and attempts to propagate the local networks through incorporated spreader modules," he added.

The malware can result to temporary or permanent loss of sensitive information, disruption to regular business operations and financial losses related to restoration of systems and files.

It can also lead to potential harm to an organisation’s reputation.

Olwero has advised the public and firms to immediately scan and isolate an infected computer from the network if they believe their systems may be infected with the malware.

Once isolated, proceed to clean and patch the system. Consider proactive protection against future malware spam infections and adhere to general cybersecurity best practices.