Palo Alto Networks found to spread Malware

Cybersecurity Insiders

Palo Alto Networks is currently being misused as a cover for malware distribution. Although the California-based cybersecurity company is not involved in these activities, hackers are exploiting the company’s name to propagate malware disguised as the ‘Palo Alto Networks Global Protect Tool.’

This malware is primarily circulating in the Middle East, with plans to extend its reach to other regions, starting with Australia and Canada. Trend Micro’s security researchers have discovered that the malware communicates via a disguised VPN portal, allowing it to bypass many anti-malware solutions, particularly in sandbox environments. It is typically disseminated through phishing attacks and collects sensitive information such as IP addresses, operating system details, usernames, machine names, sleep time sequences, and operational hours. This data is then sent to command-and-control (C&C) servers, which issue further instructions.

While this incident is unlikely to significantly damage the reputation of Palo Alto Networks, it could still impact customer trust to some degree.

Interestingly, this malware issue coincides with increased media attention on Nikesh Arora, CEO of Palo Alto Networks. Arora, the highest-paid Indian-origin CEO, has been trending on social media not for his professional achievements, but due to his prominent wife, Ayesha Thapar. Mrs. Thapar, the Managing Director of Indian City Properties Limited, co-owner of a Miami-based telecom group and a shareholder in Thapar Group, has attracted significant online interest.

Recent findings by Unit 42 have also highlighted a surge in deepfake-driven scams, with public figures like Donald Trump, Kamala Harris, and Joe Biden being featured in fraudulent videos. This trend underscores the growing sophistication of cyber threats and the need for heightened vigilance.

Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security.
