Cobalt Group Pushes Revamped ThreadKit Malware
Threat actors have updated their malware to include a macro-based delivery framework. Continue reading Cobalt Group Pushes Revamped ThreadKit Malware
Collaborate Disseminate
Threat actors have updated their malware to include a macro-based delivery framework. Continue reading Cobalt Group Pushes Revamped ThreadKit Malware
Ukranian police arrested a suspect alleged to have distributed the NotPetya/ExPetr malware that ultimately infected 400 computers. Continue reading Ukrainian Man Arrested, Charged in NotPetya Distribution
Last June 27, there was a huge outbreak of a Petya-esque malware with WannaCry-style infector in the Ukraine. Since there is still confusion about how exactly this malware is linked to the original Petya, we have prepared this small guide on the backg… Continue reading Keeping up with the Petyas: Demystifying the malware family
A Ukrainian software company at the center of an international ransomware outbreak was reportedly warned about its insufficient digital security multiple times, and new evidence shows it had been compromised by hackers before last week’s incident. M.E.Doc, a Ukrainian software firm that develops accounting software that is mandated by the country’s government, is widely considered to be the “patient zero” behind ExPetr, a unique ransomware variant that first appeared on June 27 with the capability of spreading quickly across local networks and deleting data. Cybersecurity researchers with Czech security firm ESET published evidence Tuesday that hackers were able to successfully penetrate M.E.Doc in the months preceding the major attack and had installed a series of backdoors. These implants would allow a hacker to remotely execute numerous commands and upload other malicious code. Such a backdoor may have been originally leveraged to launch ExPetr. It’s also possible that the attacker had […]
The post ‘Patient zero’ of global ransomware incident was warned and owned before outbreak appeared first on Cyberscoop.
Continue reading ‘Patient zero’ of global ransomware incident was warned and owned before outbreak
The main suspect behind the recent global ransomware attack is a hacking group with suspected ties to Russia and a history of launching destructive computer viruses, according to research conducted by Czech cybersecurity firm ESET. The company has pegged the attack to a group known as Telebots or Sandworm. “The TeleBots group continues to evolve in order to conduct disruptive attacks against Ukraine. Instead of spearphishing emails with documents containing malicious macros, they used a more sophisticated scheme known as a supply-chain attack,” writes Anton Cherepanov, a senior malware researcher with ESET, in a blog post. “The latest outbreak was directed against businesses in Ukraine, but they apparently underestimated the malware’ spreading capabilities.” While the spread of so-called PetrWrap or NotPetya turned into global news as thousands of computers were locked down by the virus, the incident plays into a larger and already established narrative of hackers repeatedly using wiper malware and defunct ransomware, […]
The post Early indications point to Sandworm hacking group for global ransomware attack appeared first on Cyberscoop.
Continue reading Early indications point to Sandworm hacking group for global ransomware attack
The main suspect behind the recent global ransomware attack is a hacking group with suspected ties to Russia and a history of launching destructive computer viruses, according to research conducted by Czech cybersecurity firm ESET. The company has pegged the attack to a group known as Telebots or Sandworm. “The TeleBots group continues to evolve in order to conduct disruptive attacks against Ukraine. Instead of spearphishing emails with documents containing malicious macros, they used a more sophisticated scheme known as a supply-chain attack,” writes Anton Cherepanov, a senior malware researcher with ESET, in a blog post. “The latest outbreak was directed against businesses in Ukraine, but they apparently underestimated the malware’ spreading capabilities.” While the spread of so-called PetrWrap or NotPetya turned into global news as thousands of computers were locked down by the virus, the incident plays into a larger and already established narrative of hackers repeatedly using wiper malware and defunct ransomware, […]
The post Early indications point to Sandworm hacking group for global ransomware attack appeared first on Cyberscoop.
Continue reading Early indications point to Sandworm hacking group for global ransomware attack
The global outbreak of the Petya/ExPetr malware wasn’t a ransomware attack, it was wiper malware aimed to sabotage, according to experts. Continue reading ExPetr Called a Wiper Attack, Not Ransomware
Ringing in with echoes of WannaCry, Petya (or Petrwrap, NotPetya), is a new ransomware strain outbreak affecting many users around the world.
Categories:
Cybercrime
Malware
Tags: EternalBlueexploitgermanymalwarebytes labsNotPetyaPetrwrappetyaransomwa… Continue reading Petya-esque ransomware is spreading across the world
A quickly-spreading, world-wide ransomware outbreak has reportedly hit targets in Spain, France, Ukraine, Russia, and other countries. Continue reading A Ransomware Outbreak Is Infecting Computers Across the World Right Now