In recent years there have been a substantial number of new and modified malware samples attacking our digital systems. Some have had mundane names, while others have had more flamboyant names, e.g. POODLE. Much like the latter, a recent sample has emerged from the nebulous internet called by the interesting name of Dorkbot.
No business likes to hear that it has vulnerabilities, but most do. In reality, there are very few information security systems that are impenetrable. However, by staying informed to the various types of cybersecurity weaknesses, business owners can strengthen their defenses.
Dorkbot is only one of the many thousands of pieces of malware that show up every day in the wild. This particular piece of malware was first noted in April 2011 and again in October 2012. Dorkbot was expressly was written to accomplish specific goals. First, to steal online payment information, but also to be used as a bot for a DDoS attack, to disable a company’s security product, to allow a portal for malware to be put on the host’s system, and finally to steal login credentials. All this harvested information can have a great impact on the unsuspecting user as the data, once stolen, is often sold on the darkweb.
This malware is spread with a particular vector, in this case by unsuspecting people clicking on malicious links that seem ‘normal’. When dealing with malicious coding such as Dorkbot, common sense rules are often an applicable defense. First, users need to use anti-virus (AV) and keep it updated with applicable patches. AV is not dead, still has ample function-ability and has the potential to red flag malware. Users also need to regularly change their passwords and use a strong one with at least eight characters and a mix of upper and lower case letter, with a mix of numbers and symbols. Dorkbot harvests passwords so a prudent measure would be to change these frequently. Patches are also a great benefit from software providers to apply. These are designed to repair application vulnerability. Although malicious pieces of software such as Dorkbot can be an issue, their impact can be reduced if users follow common sense and keep their AV updated.
Our daily blogs are written by experts in the exciting field of cybersecurity. Learn more about a career in cybersecurity by enrolling in classes through the NCI.
Charles Parker, II; MBA / MSA / JD / LLM / PhD (ABD)
Information Security Engineer
Ciena Healthcare; Southfield, MI