New Ransomware Found Exploiting Former Windows Zero-Day Flaw

Researchers at cybersecurity firm Kaspersky have uncovered new encryption ransomware named Sodin (Sodinokibi or REvil) that exploits a recently discovered Windows vulnerability to gain elevated privileges on an infected system. The ransomware takes advantage of the architecture of the central processing unit (CPU) to avoid detection – functionality that is not often seen in ransomware.

“Ransomware is a very popular type of malware, yet it’s not often that we see such an elaborate and sophisticated version: using the CPU architecture to fly under the radar is not a common practice for encryptors,” said Fedor Sinitsyn, a security researcher at Kaspersky.

“We expect a rise in the number of attacks involving the Sodin encryptor, since the amount of resources that are required to build such malware is significant. Those who invested in the malware’s development definitely expect it to pay off handsomely,” Sinitsyn added.

The researchers found that most targets of Sodin ransomware were in the Asian region: 17.6 percent of attacks have been detected in Taiwan, 9.8 percent in Hong Kong and 8.8 percent in the Republic of Korea.

However, attacks have also been observed in Europe, North America and Latin America, Kaspersky said, adding that the ransomware note left on infected PCs demands $2500 worth of Bitcoin from each victim.

The vulnerability the ransomware uses, CVE-2018-8453, was earlier found to be exploited by the FruityArmor hacking group. The vulnerability was patched on October 10, 2018, Kaspersky said.

To avoid falling victim to Sodin threats, make sure that the software used in your company is regularly updated to the most recent versions, said Kaspersky researchers.

Security products with vulnerability assessment and patch management capabilities may help to automate these processes, they added.
