
US Aerospace Industry Under Attack by New ‘PowerDrop’ Malware

The ‘PowerDrop’ malware is built to target the US aerospace sector.

Experts discovered a newly created PowerShell malware that targets the US aerospace sector.

Adlumin Threat Research found the malware, codenamed PowerDrop, installed on the network of an unnamed defense contractor in May.

Once it gains access to servers, the malware works as a remote access trojan that executes commands on target networks.

The malware’s distinctive evasion techniques, according to researchers, enable malicious actors to “live off the land” and acquire continuous access to a server without drawing attention to themselves.

Threat Actor Deploys Malware

According to sources, it is unknown how the hackers gained initial access. However, the sources claim nation-state actors are the suspects.

Although the main attack’s generic is quite flexible, Adlumin Vice President of Strategy Mark Sangster points to the threat’s ability to hide illicit activities and avoid asset security detection. He suggests technically savvy threat actors designed the malware.

According to Craig Jones, the vice president of defense operations at the security company Ontinue, a nation-state actor is most likely responsible for the malware. The lack of a certain correlation to a particular threat actor adds to PowerDrop’s enigma.

He maintained that, due to the ongoing crisis in Ukraine and their increased attention on aerospace and missile projects, the public abstains from slamming accusations at their nation-state enemies.

Adlumin Proposes Sensitivity Checks

Adlumin advises companies and businesses in the aviation defense sector to remain on alert and set up sensitivity checks on their networks. The military and defense sector has been on high alert since the disclosure that Chinese hackers gained access to critical facilities on Guam, where the United States has a strong military presence.

Contrast Security’s senior vice president of digital plans, Tom Kellermann, told The Record that PowerDrop has China posted across it. “They have an extensive record of utilizing PowerShell for switching directions and leveraging machine learning for counter event response,” he adds. “With disputes with China at an all-time high, it seems normal for them to focus on our aerospace industry.”
