As far as security infections go, Poweliks is a big threat. While most threats can wreak havoc on your computer systems, and cause untold damage to your business, the majority at least leave a trace of their work that enables them to be detected and ultimately removed. This isn’t the case with Poweliks.
So just what is Poweliks?
This is a nightmare of a piece of malware: it hides away completely in your system and is pretty much invisible.
Poweliks is a Trojan horse that performs malicious activities. While most Trojan horse software infects your computer with malicious files, Poweliks is a silent and invisible threat that hides away in the memory registry of your system. In itself, this method is not new; many previous viruses sought to cover their tracks by hiding in memory. These types of Trojans are wiped when you restart your computer and its memory is cleared; Poweliks, however, hijacks the legitimate processes and applications running on your network, inserting its code into them where it can largely evade detection.
What does Poweliks do?
Poweliks has links to Kazakhstan, the home of two servers the malware connects to once it is up and running from within your computer. The servers in Kazakhstan then send commands to the bug to tell it what to do next. In theory, this then makes way for the tool to be used to download other undesirable programs that could infect your system without your knowledge. It could equally be used to steal data from your network.
How can I best protect myself?
As well as the anti-virus updates that have gradually been released – but which are still likely to have only a limited impact on threats of this type compared with those of the past – a number of Poweliks removal guides are now available online. Nevertheless, prevention, as ever, remains better than cure. One method reported to have been employed in the distribution of the Poweliks infection is embedding it in a Microsoft Word document, which is then sent as an attachment to spam emails, and which the attackers hope your curiosity will lead you to open. The senders these spam messages have masqueraded as include the United States Postal Service and Canada Post. Of course, the best advice remains to be suspicious of any and every email attachment you open, particularly if you weren’t expecting mail or it’s from someone you don’t know.
Should I be concerned?
YES! Revisiting your everyday security precautions is probably pretty good advice all round, since experts predict that this type of threat is likely to become ever more common as attackers seek to exploit the techniques of Poweliks in order for their infiltration to remain unnoticed for as long as possible. Sure enough, a number of copycat threats have already been detected.
General awareness of the web sites you and your staff choose to visit is also advisable, since others have reported the bug making its way onto their systems thanks to so-called ‘drive-by download attacks’ – whereby simply visiting a malicious web site is enough to trigger the infection, and actively downloading a file isn’t even necessary. As a result, organisations may wish to consider more comprehensive filtering of internet access, for example using a firewall, or at the very least using the router to block known malicious sites, in order to prevent employees from inadvertently infecting a company network.