Researchers disclosed a PowerShell script used by Pysa for hacking purposes

Hackers today keep evolving and enhancing their tools and techniques. BleepingComputer, together with MalwareHunterTeam, shared a script used by Pysa, a ransomware group that uses a PowerShell script in its malicious operations when it infiltrates targeted networks.

Image courtesy: howtofix.guide

PowerShell is a scripting language commonly used to automate the management of systems. Sometimes it is used for hacking purposes. Before encrypting data, while sweeping the network for data, hackers use this script, which is designed to scan each drive for data folders that match specific strings listed in the script. When a folder matches one of the strings, the script uploads that folder to a remote network under the attacker's control.

The script shared by MalwareHunterTeam includes about 123 keywords that it searches for. The script is useful to cyber security teams and organisations because it gives them insight into what kind of data a hacker finds valuable. The list, as expected, targets files that are important to a firm and can be used as valuable leverage, such as a company's financial and personal information, including audit and banking information, SSNs, tax forms, credentials, and SEC documents. The script also searches for keywords like secret, hidden, illegal, fraud, crime, federal, etc. The full list of keywords targeted by threat actors is given below.

Image courtesy: howtofix.guide

The list certainly doesn't guarantee a "free from hack" system. However, knowing what data might be targeted gives us a head start, as we can apply some countermeasures.
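One such countermeasure is an inventory of the folders on your own shares whose names would match these keywords, so they can be prioritised for access review and monitoring. The sketch below is an added example, not code from the article or from the Pysa script. Assumptions: the keyword tuple is only the subset named above, matching is a case-insensitive substring test, and the function names and sample folder tree are constructed for illustration.

```python
import os
import tempfile

# Subset of keywords named in the article; the full list of about 123 is not reproduced.
KEYWORDS = ("audit", "banking", "ssn", "tax", "credentials", "sec",
            "secret", "hidden", "illegal", "fraud", "crime", "federal")


def find_exposed_folders(root, keywords=KEYWORDS):
    """Return sorted [(relative_path, [matched keywords])] for every folder under
    root whose name contains a keyword. Substring matching is an assumption and is
    deliberately over-inclusive, which suits an inventory."""
    hits = []
    # os.walk skips directories it cannot read, so the scan does not abort on them.
    for dirpath, dirnames, _files in os.walk(root):
        for name in dirnames:
            lowered = name.lower()
            matched = [k for k in keywords if k in lowered]
            if matched:
                rel = os.path.relpath(os.path.join(dirpath, name), root)
                hits.append((rel.replace(os.sep, "/"), matched))
    return sorted(hits)


def build_sample_tree(root):
    """Constructed sample share layout, for demonstration only."""
    for rel in ("Finance/Audit 2021", "Finance/Tax-Forms", "HR/SSN_records",
                "IT/Credentials", "IT/Security Docs", "Marketing/Brochures",
                "Legal/SEC filings"):
        os.makedirs(os.path.join(root, *rel.split("/")))


def demo():
    """Build the sample tree in a temporary directory and scan it."""
    with tempfile.TemporaryDirectory() as root:
        build_sample_tree(root)
        return find_exposed_folders(root)


if __name__ == "__main__":
    for path, matched in demo():
        print(f"{path}: {', '.join(matched)}")
```

In the sample tree, "IT/Security Docs" is flagged only because "sec" is a substring of "security", which shows how broad short keywords are in practice.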

Khushi
