Connect with us

Hi, what are you looking for?

Tech & Science

New malware allows complete bypassing of network passwords

Dell SecureWorks found the malicious item, now dubbed “Skeleton Key.” Researchers found it on a network in a DLL file called “ole64.dll.”
The flaw requires administrative access to the network before it can be deployed. It links itself into Active Directory once this access has been obtained. Dell researchers noted that they had observed this first step being overcome by using credentials previously stolen from workstations on the attacked domains.
Once active on the system, attackers can use a password of their choosing to gain “unfettered” access to any user account on the domain. It is only possible on networks where one-factor authentication is used though. If two-factor authentication — through an external PIN or authentication code generated by a mobile app, for example — is used, it would appear as though you are in the clear for now.
The most interesting part about Skeleton Key is the way in which it is saved on the target system. It locates itself in RAM, making it almost undetectable as access is not logged. It communicates silently too so traditional network traffic monitoring techniques will all prove fruitless.
Fortunately, this seemingly perfect way to hide itself actually presents an easy way to remove the malware from a system. RAM is the memory used by a computer during operation and is always volatile: Its contents are lost when the power goes off.
The threat of Skeleton Key can be simply removed by rebooting the infected system. It is still a wake-up call for system administrators dependent on password-based, single -factor authentication though. Such methods are now more vulnerable than ever as increasing amounts of services make the switch to the much more secure two-factor authentication.

Written By

You may also like:

Tech & Science

Apple was accused of abusing the dominant position of its app store at the start of a court trial in the UK, with plaintiffs...

Business

The equity sell-off tracked hefty losses on Wall Street, where all three main indexes finished more than one percent lower.

Tech & Science

The United States unveiled new export rules Monday on chips used for artificial intelligence.

Tech & Science

With video cameras in the ambulances, medical scientists can make today's stroke care even better for more patients. The same neurological assessment that the...