New Petya Distribution Vectors Bubbling to Surface

Microsoft has made a definitive link between MEDoc and initial distribution of the Petya ransomware. Kaspersky Lab, meanwhile, has identified a Ukrainian government website used in a watering hole attack.

Global ransomware attack was meant to be destructive, not collect money

A global ransomware outbreak Tuesday was designed to be destructive, according to private sector cybersecurity researchers. An analysis of Petya conducted by Comae Technologies’ Matthieu Suiche reveals that computer code in the June 27 version of the malware differs from previous samples, which were tied to incidents involving monetary gain. The primary difference between past Petya variants and Tuesday’s malware comes in the form of a small block of code that effectively commands the virus to “erase the Windows system’s Master Boot Record (MBR) on default,” said Suiche. “After comparing both implementations, we noticed that the current [implementation] that massively infected multiple entities in Ukraine was in fact a wiper, which just trashed the 25 first sector blocks of the disk,” Suiche wrote in a blog post. Petya effectively demolishes a key function of the victim computer’s boot process even before a victim has the chance to read any ransom […]

The post Global ransomware attack was meant to be destructive, not collect money appeared first on Cyberscoop.
