Should Cyber Security Beware the Pink Slip?

Pinkslipbot is a malware infection that could make your computer find itself out of a job. Making sure the proper cyber security measures are taken to mitigate risk are key to protecting you and your data.

No one wants a pink slip. It usually means you’re out of a job. And in a malicious, commemorating sort of way, a new malware called Pinkslipbot could put your computer out of a job as well.

Pinkslipbot, also known as Qakbot, or Qbot, or Akbot, is like any other malware at first glance. It infects a computer, causing it to automatically download files, or infect or corrupt data. It has some features that allow itself to auto update, spread to other networks, etc. It attempts to steal user information and upload it to FTP clients. The real pink slip, however, is delivered in a different way.

For malware creators, the task of hiding their internet presence is a difficult one. Security researchers can easily trace a path to their servers if unprotected. If Tor or onion routing or anonymous network communication is used, their communication can be hidden, but dark network servers are prone to rapid change and disappearance. That’s where the pick slip comes in. When infected by the Pinkslipbot malware, the computer then becomes a proxy server for the malware network, and, along with all other infected PCs, joins the ranks of redirection and encryption.

So maybe your computer gets a new job from Pinkslipbot instead, but its old job is definitely affected. The PCs in the malware’s network don’t generally host much, but the HTTPS-based proxy network creates a shield for those trying to find the malware creators. As your computer inserts itself into a network of 500,000 others in the network, it may be difficult for cyber security researchers to locate your own computer.

Of course, it is possible to remove your PC from that network if it has been infected, but it’s harder than you think. Along with other types of malware, Pinkslipbot can infect removable hardware, so if you use an external hard drive or a USB drive, it can also be infected, and transfer the malware to other devices. It can spread itself across a network, so simply removing it doesn’t mean you can stop the spread, or that you prevent it from infecting your PC again.

Many Mac (Apple) users skim these articles with a smug grin, thinking to themselves that these types of malware won’t ever affect them. Well, let’s hope they don’t skim too quickly because Pinkslipbot can infect a Mac using an exploit in Adobe Flash, and another in Apple Quicktime. See a full list of all vulnerabilities exploited here.

So how do you get rid of it? A few steps can protect you and your data from this malware infection (and other similar malware), and mitigate further risk. First, make sure you update all applicable software, as well as your operating system. If you think you might have infected machines, search for all software patches directly from the vendors, and install them immediately. If using Microsoft Windows, disable the Autorun feature, which can be done using Windows Group Policies. Doing this can help prevent the malware from running without explicit permissions.

If you don’t think you’re at risk for malware infection, think again. According to CNN Money, almost 320 million new malware files were created in 2015. That means that almost 1 million are created every day. Tack on 2016, 17, and you have likely more than 1 billion created in the past 3 years. If you aren’t proactively protecting your data, then it’s time for serious reconsideration. Click here to check out some of the best ways to stay on top of your cyber security.