Microsoft recently discovered a new strain of fileless malware that essentially hijacks PCs and turns them into hubs for carrying out further malicious activity. Here’s what we know about Nodersok malware so far.
How Nodersok Malware Works
Without getting too much into the boring, technical, cyber security nerd details, Nodersok malware (also known as “Divergent”) infects computers after a user clicks a malicious ad or downloads a malicious file. Then, a complex sequence of scripts is launched, which essentially allows hackers to control the infected computer and use it to launch more cyberattacks. A large network of infected computers is called a “botnet.”
The nature of the attack makes it difficult for cyber security teams to research the code and create adequate countermeasures.
What is it Being Used For?
Although a botnet can be used for potentially catastrophic purposes, such as DDoS attacks or mass distribution of ransomware, Nodersok is suspected to have been used mainly for click fraud so far.
Click fraud is the practice of generating ad clicks to boost revenue for websites that support advertising, or to exhaust an advertiser’s budget. While this is still clearly wrong, it’s a relatively benign effect of a mass malware campaign.
How Much Has it Spread?
Nodersok malware has reportedly hit thousands of machines across the world since mid-August, and it reached its peak in the beginning of September. It has been on the decline since then, but that certainly doesn’t mean it’s dormant.
It has mainly been targeting PCs in the United States. While the majority of targets are individual consumers, there have been many instances of business networks being infected as well.
How Can it Be Prevented?
There are two main ways that you can reduce your chances of falling victim to Nodersok malware.
Update your Software
Microsoft is well aware of this malware, and has been actively looking into ways to combat it. Make sure you update your computer and its security software regularly, so you always have the most up-to-date, effective versions.
Don’t Click Suspicious Stuff
As always, the absolute best way to avoid this type of malware (and literally any other malware) is to avoid clicking on any suspicious links and downloading any suspicious files.
As long as you practice good cyber awareness and keep your devices updated, you should be able to avoid Nodersok malware.