Microsoft’s replacement for the Windows command line, PowerShell, has now become a target for malware writers. The security firm Symantec claims that it has seen a 95.4% rise in PowerShell malware instances. Symantec also confirmed that the number of threats is growing at a fast pace, especially in enterprises, where the shell framework is more widely used. The firm also confirmed that most of the malicious scripts are used as downloaders, such as Office macros, and that the goal is to execute code on a system and to spread malware across the entire network.

As reported by Softpedia, there are currently three common malware families spreading with PowerShell scripts: “W97M.Downloader (9.4 percent of all analyzed samples), Trojan.Kotver (4.5 percent), and JS.Downloader (4.0 percent).”

Symantec says, “Over the last six months, we blocked an average of 466,028 emails with malicious JavaScript per day, and this trend is growing. Not all malicious JavaScript files use PowerShell to download files, but we have seen a steady increase in the framework’s usage.”

Cybercriminals are working to create more complex scripts that can help bypass certain security solutions and protection apps. In certain cases, scripts can be developed that disable security solutions or steal passwords used across the network.

Symantec suggested that users run updated security software to protect themselves from this kind of attack and avoid opening emails that contain scripts, files or links coming from unknown sources.
