Beware of Microsoft Windows Malware, Warns Singapore Regulators


The Monetary Authority of Singapore (MAS) has recently issued a warning to financial institutions after 4 high-risk bugs were found in Microsoft’s Windows system.


Windows-Based Banking Machines Pose Risks for Attack

The Monetary Authority of Singapore (MAS) has warned of critical risks to legacy financial systems after Microsoft announced a patch of 49 bugs found in its Windows 7 system. The 4 main vulnerabilities, CVE-2020-0601, CVE-2020-0609, CVE-2020-0610 and CVE-2020-0611, affect all Windows users. All users have been urged to update their systems with this latest patch.

The Cyber Security Agency of Singapore (CSA) outlined the severity of these vulnerabilities, according to an article by CIO.

… successful exploitation of CVE-2020-0601 vulnerability could have allowed attackers to conduct man-in-the-middle attacks and further decrypt confidential information on user connections to the affected software.

The CSA continued,

If the other three vulnerabilities were successfully exploited, attackers could perform remote code execution and take control of the affected systems. With these controls they can perform malicious activities, unauthorized installation of programmes. Further, they could have created rogue administrator accounts to view, change or delete data.

So far, Windows-based systems have not exposed private keys, but the threat lies in Monero mining software veiled inside other files. Examples include .wav files, as well as .jpeg. In one of the latest cases, a Taylor Swift photo was used to deliver a malicious payload.

Microsoft Windows 7 Holds Biggest Risk of Mining Malware

But with more recent versions patched, Windows 7 usage remains one of the big risks. Daniel Goldberg, a senior cybersecurity researcher at Guardicore Labs, views the system as wide open to attacks.

“The risks are crazy high to organizations facing this WAV-based attack if they are running a Windows 7 system after EoL,” Goldberg told Forbes, “…before the quarter is over, there will be other vulnerabilities discovered in Windows 7 too that will not be fixed by Microsoft and will also be easy to exploit.”

The chief advice to mitigate the risk is to leave all Windows 7 machines offline, if they are critical. Exposure to the Internet means the machines can be exploited.

According to a more recent Forbes article, Microsoft has released a statement advising 400 million of its customers to buy new PCs instead of updating their existing Windows 7 software.

Monero Mining Loses Profitability

Crypto mining Monero is becoming increasingly less profitable, which may have a positive impact on the level of malware that’s distributed over the course of this year. In 2020, the relatively low price of XMR, coupled with an altered mining algorithm, may mean that malware attacks become less popular. Even large botnets running mining software will likely struggle to make decent returns. With XMR at around $64.68, previous incentives to mine are starting to diminish.

Additionally, in the past the Monero network has shown high mining activity, which turned out to belong to specialized rigs. Currently, it is uncertain what causes the record levels of Monero mining, which is now amenable to some of the new and fast generations of processors. The Monero network hashrate is at 1.21 GH/s, a small fraction of the activity for Ethereum (ETH) or Bitcoin (BTC).
