Hackers are upgrading already planted Kovter malware with the goal of gaining broad access to Fortune 500 computer networks.
Cybereason Lab found hackers are placing the click-fraud and adware tools on corporate systems and then upgrading the software into more malicious forms of malware capable of grabbing control of a network or important company assets, the research firm wrote.
Cybereason Lab pointed out that one reason this tactic is so dangerous is because most companies consider click fraud and adware low-risk threats and more or less dismiss them, particularly compared to zero-day attacks and ransomware.
“Security teams cannot be expected to eradicate all low-level threats due to their high prevalence on user machines,” the report said. “But they should develop an approach to track if low-level threats evolve into a higher risk programs and be able to eradicate these cases.”