There are many security threats that can put Windows systems at risk. Many varieties of malware that in one way or another could affect its proper functioning. Today we echo Purple Fox , a new security problem whose mission is to scan for vulnerable Windows systems. We will explain what it is and give some tips to avoid being a victim.
Purple Fox, a new threat to Windows
Purple Fox is a malware that was previously distributed via exploit kits and phishing emails. However, it has now added a module that allows you to scan and infect Windows systems accessible through the Internet and carry out attacks.
This malware has rootkit and backdoor capabilities. It was first detected in 2018 after infecting more than 30,000 devices and is used as a downloader to implement other strains of malware. It is not the first time that this threat has set its sights on Windows systems.
One of its qualities is to infect Windows users through their web browsers after exploiting memory corruption and elevation of privilege vulnerabilities.
However, in recent months Purple Fox attacks have intensified significantly, reaching a total of 90,000 attacks and 600% more infections, according to Guardicore Labs security researchers Amit Serper and Ophir Harpaz.
Your main goal now is to detect Windows systems that are exposed on the network. brute force your SMB password to infect you. According to a Guardicore Labs report, it has almost 2,000 compromised servers on its botnet.
These infected computers include Windows Server machines running IIS version 7.5 and Microsoft FTP, and servers running Microsoft RPC, Microsoft Server SQL Server 2008 R2, and Microsoft HTTPAPI httpd 2.0 and Microsoft Terminal Service.
We have indicated that Purple Fox can brute-forcely infect servers through vulnerable SMB services exposed on the Internet, but is also using Phishing campaigns and web browser vulnerabilities to implement its payloads.
How to avoid falling victim to these security problems
Undoubtedly, a very important factor to protect ourselves from the threat of Purple Fox and others like it is to keep equipment updated . In this case, it takes advantage of vulnerabilities found in Windows to attack. That is why we must always have the latest patches installed and thus correct any problems that appear. Protecting Windows from email ransomware and other varieties of attacks is very important.
On the other hand, something also essential is to always have security programs installed. A good antivirus can prevent the entry of threats that could put our systems at risk. It is something that we must apply to all types of operating systems that we are using.
But also, common sense is something we must take into account. You should not make mistakes when browsing , such as opening a malicious attachment or installing an application without knowing if it is really reliable or it could be a security threat.