Members
  • Total Members: 14197
  • Latest: Levine
Stats
  • Total Posts: 43441
  • Total Topics: 16533
  • Online today: 3258
  • Online ever: 51419
  • (01. January 2010., 10:27:49)
Users Online
Users: 1
Guests: 3219
Total: 3220









Author Topic: Targeted Ransomware No Longer a Future Threat  (Read 2589 times)

0 Members and 1 Guest are viewing this topic.

Pez

  • SCF VIP Member
  • *****
  • Posts: 776
  • KARMA: 117
  • Gender: Male
  • Pez
Targeted Ransomware No Longer a Future Threat
« on: 06. March 2016., 14:34:36 »
Targeted Ransomware No Longer a Future Threat

This post was written by Christiaan Beek and Andrew Furtak.

In 2015, Intel Security investigated a ransomware campaign that targeted the financial sector of a certain country. This was the first time we had observed ransomware targeting a particular sector. The infection vector in that case involved a phishing campaign directed at multiple financial institutions.

During recent weeks, we have received information about a new campaign of targeted ransomware attacks. This time the attackers compromised an external-facing server and used that access to move around the victim’s network. By separating functions that are usually present in ransomware, the adversaries attempted to avoid detection as much as possible.

The stages of this attack included leveraging access to the external system to gain access to many other systems on the internal network. A series of scripts and tools deleted the volume shadow copies and unlock files that were in use, thereby maximizing the impact and thwarting attempts to restore data. Before the actual encryption started, the ransomware divided the candidate files into categories based on size and encrypted the smallest files first. We assume this was to maximize the number of impacted files, even if the process was shut down before it completed. After the files were encrypted, a ransom note was left on the desktop. The note demanded Bitcoins in exchange for the decryption tool and private key to decrypt each of the files.

A more detailed account of our analysis (combining information from organizations across Intel Security) can be found in the technical report Targeted Ransomware No Longer a Future Threat.

This post and the linked technical report are intended to provide a summary of a current threat. If you need assistance, the Intel Security Foundstone Services team offers a full range of incident response, strategic, and technical consulting services that can further help to ensure you identify security risks and build effective solutions to remediate security vulnerabilities.


Original article: https://blogs.mcafee.com/mcafee-labs/targeted-ransomware-no-longer-future-threat/
Their is two easy way to configure a system!
Every thing open and every thing closed.
Every thing else is more or less complex.

Start Turfing ! http://scforum.info/index.php/topic,8405.msg21475.html#msg21475

Samker's Computer Forum - SCforum.info

Targeted Ransomware No Longer a Future Threat
« on: 06. March 2016., 14:34:36 »

 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.codekids.ba:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Kursevi programiranja za ucenike u Sarajevu

Terms of Use | Privacy Policy | Advertising
TinyPortal 2.3.1 © 2005-2023