
Deepfake Malware

Posted: April 6, 2019

The Deepfake Malware is a classification of Trojan that sabotages data, such as medical scans, so that it shows fake results. Although this threat is primarily theoretical, proof-of-concept results show that its technology can cause harm to medical and other systems via advanced AI learning techniques. Appropriate enterprises should protect their systems through standard best practices, monitor physical access whenever possible, and use relevant anti-malware services to remove the Deepfake Malware proactively, as with all threats.

The Trojan Fakery Goes Deeper than Ever Before

After White Hat tests involving the deployment of a theoretical threat against an Israeli hospital, the world may have cause for concern over another area for Trojan attacks: CT and MRI scanning equipment. The experimental Trojan, with the broad classification of the Deepfake Malware, leverages so-called 'deep learning' AI enhancements to fake the results of patients' scans. While this strategy has yet to see any application by criminals, its implications for state-sponsored attacks and terrorism are ominous.

In the implementation shown by researchers at Ben-Gurion University, the Deepfake Malware can manipulate scans from the relevant medical equipment through remote commands, similar to how backdoor Trojans and rootkits respond to the instructions of a C&C server. Instead of the 'usual' attacks, however, the Deepfake Malware falsifies the scan data, either by removing 'harmful' content, like tumors, or by inserting it. Unfortunately, without any forewarning, medical specialists were unable to detect the falsified results in either direction, displaying a greater than ninety percent failure rate.

The Deepfake Malware's test introduction methods involve exploiting both Wi-Fi for backdoor functionality and USB-Ethernet physical connections for the installation routine. The Deepfake Malware is not hardware-intensive and can achieve this installation with nothing more powerful than a Raspberry Pi, a machine that markets itself as being 'tiny and affordable.'

Stopping Trojans from Going Too Deep

The prospective issues around the deployment of the Deepfake Malware for unsafe purposes are numerous, ranging from the extortionist themes readers can see in the file-locker Trojans that already attack medical networks at leisure, to the crippling of infrastructure in campaigns like CrashOverride's attacks. Since no threat actors are currently employing the Deepfake Malware, such possibilities are theoretical, but their technical feasibility is no longer open to question. As with cases of already-proven threats, malware analysts can do little more than recommend security procedures that block or shut down the Deepfake Malware infections before the damage occurs.

Although the Deepfake Malware's experimental staging ground uses physical infection vectors, live attacks against networks in a medical setting can range from port-scanning to brute-forcing logins to sending corrupted e-mail attachments. Proper server configuration with limited port and admin privilege availability, updated software, and strong passwords will block many infection exploits. Systems with anti-malware protection, as always, should eliminate the Deepfake Malware before it interferes with any scans or other IoT output.

The Internet-of-Things didn't need a new danger of the type that the Deepfake Malware represents, but unhappy forewarning is better than suffering from a Trojan's ambush. With the Internet's reach being all-encompassing, the predators hiding in an online environment may target even stranger prey.
