Since 2011, the trojan Stegoloader has infected machines all over the U.S. with malware disguising itself as a pirated product key generator. Once deployed, the trojan steals electronic medical records and attacks system vulnerabilities. Although the healthcare industry has been the primary target, other businesses are not invulnerable. Continue reading to learn more about the dangers of the Stegoloader to your devices and networks.
The trojan known as Stegoloader infects machines through product key generators packaged with downloads of pirated software. Small companies have been targeted by the malware, particularly those in the healthcare industry — and to a lesser extent, the insurance and technology sector.
Steganography is a cyber attacker term for hiding malware inside an image file. Once the image is opened on a vulnerable machine, the program gathers information and crawls through the network looking for weaknesses. Although Stegoloader doesn’t appear to be a particularly sophisticated program, it can devastate your business by stealing electronic medical records as well as installing a secondary piece of malware to pilfer banking information.
Anthem and Premera Blue Cross are two big-name victims of the widespread malware. Symantec believes that Stegoloader’s creators plan to sell healthcare data because they’re more lucrative than other information types. Symantec also believes the cyber attackers are opportunistic, taking advantage of companies that download pirated versions of popular software.
Because the Stegoloader trojan often lurks in illegal product key generators and illegitimate software, the best way to avoid infection is to stay away from sites that offer pirated software. Other than that, we recommend educating your employees on safe practices, avoiding unknown image files and quarantined backups, and updating operating system and antivirus software as often as possible.
When business owners download pirated software, they’re trying to cut corners to save money on business applications and technology consultants. But not only are they getting themselves in trouble with cyber attackers, they’re also messing with the law. We promise that partnering with us will end up saving you more money and hassle than the alternatives. If you’re looking for a better way to protect your company and keep your information safe, contact us today.