Purple Fox is now even more devastating

One of the more disturbing trends this year is that worms are becoming popular among the hackers of the world again.

We've seen a handful of new malware strains introduced in recent months with worm modules added to their code, allowing them to scan and infect Windows systems connected to the initial source of the infection.

That's bad news for IT Security professionals around the globe. In the early days of the internet, some of the most devastating attacks were worm-based and caused no end of trouble to organizations of all shapes and sizes. Now, it seems that today's hackers are dusting off one of yesteryear's favorite tactics and giving it a new lease on life. Purple Fox malware is the latest strain spotted with a worm module attached.


The history of Purple Fox

Purple Fox has been around a while as malware goes, being first spotted in the wild in 2018, when it infected in excess of 30,000 devices during the first campaign known to utilize it. As was the case then, Purple Fox isn't terribly damaging in and of itself, but is primarily used as a dropper, to deploy other, more devastating forms of malware once it has gained a foothold on a target system.

Given that, and its new worm-like capabilities that allow it to spread like wildfire once it gets a toehold somewhere, it should be considered dangerous indeed.

Even more worrisome is the fact that after the initial spate of infections in 2018, the controllers of the code went relatively quiet until May 2020, when Purple Fox attacks suddenly intensified, with more than 90,000 separate attacks in April and May of this year alone.


My perspective

As if busy IT managers didn't have enough to worry about, now they can add yet another item. Purple Fox looks like it's here to stay.


~ Flo might have said - "Well, kiss my grits" ~


By Denis Wilson

Cybersecurity Expert, Small Business Technology Consultant, Managed Services Provider, Managed IT Support

Thanks for reading this short post. For more tips on thriving with small business technology, check out the other blog posts at DWPIA Blogs. You can also find me on LinkedIn, Facebook, and Twitter

I am also a published author and speaker on cloud computing, work@home, and cybersecurity. I work extensively with business and professional associations to provide small business technology education programs.


Contact me if you would like me to speak to your association