
Thursday, August 1, 2019

Sodin Encryption Ransomware: New Ransomware Found




Top security firm Kaspersky recently discovered a new ransomware that appears to exploit a known Windows flaw to gain elevated privileges. The encryption ransomware, which has come to be known as Sodin, also takes advantage of the architecture of the CPU to avoid detection. This is something that is not commonly seen in ransomware.

A top security researcher at Kaspersky also said that it is not every day that they see ransomware this elaborate and sophisticated. As mentioned earlier, using the CPU architecture to avoid detection is not something that encryptors normally do.

Number of Attacks Expected with Encryption Ransomware Sodin: 


Experts expect a rise in the number of attacks involving the Sodin ransomware. They say this because it is an extremely sophisticated piece of software that takes a lot of resources to create. No one is going to go to all that trouble and expense to create ransomware without the chance of a huge payoff.

Areas Targeted by the Sodin Ransomware:


This ransomware has targeted many countries around the world, with a spate of attacks seen in Asia. Taiwan accounted for 17.6% of the total attacks detected, Hong Kong for 9.8% and the Republic of Korea for 8.8%, which brings the total to 36.2% in Asia alone. These are only the figures that have been discovered so far.

Asia is not the only continent to be affected. Europe, America and Latin America have also reported cases of Sodin.

Besides having their systems affected, victims were also told to pay $2500 worth of Bitcoin to free their systems from Sodin's control.

More about Sodin: 


An earlier vulnerability known as CVE-2018-8453 was used by a hacking group known as FruityArmor. This vulnerability was patched on the 10th of October 2018. It is this same vulnerability that Sodin uses to gain control of a user's PC.


How to Avoid Falling into the Grasp of This Ransomware:


To ensure that you don't fall prey to the Sodin ransomware, make sure the latest software updates are installed on your PC.

Kaspersky researchers also said that security products that regularly assess vulnerabilities and provide patches would help solve problems such as these.

CyberArk has tested Sodin and found that it cannot get past Endpoint Privilege Manager's feature set. The set is a combination of least privilege, application control policies on endpoints and servers, and credential theft protection. CyberArk has tested millions of samples of various ransomware to better understand the infection and how to remove it.

Based on this research, the system is able to identify all known ransomware. Samples it has no prior knowledge of are marked as suspicious, and information is protected accordingly.

This means that if one endpoint becomes infected, the rest are protected from an organised attack.

Tuesday, May 16, 2017

Global Cyber Attack: Security Blogger Halts Ransomware by Accident

CYBER ATTACK HALTED BY ACCIDENT

The world has become much more advanced since the inception of the internet. The internet has revolutionised the world and bridged the gaps within it. This has made the world a much better place to live. We are fortunate to be living in an era in which we can experience what once seemed impossible.

There are many cyber-attacks that disrupt the internet, and some people become easy victims of them. We often hear that accounts have been hacked, which leads to chaos. Recently there was news of a UK security blogger who told the BBC how he had accidentally brought a halt to the malicious ransomware that had affected numerous organisations.

THE REPORT 

The man is known as MalwareTech, which is a pseudonym. After hearing the technology news about the latest malware attack, he wanted to investigate the matter. The cyber-attack had spread all across the globe and made a huge impact on the world of technology.

Technology news outlets kept publishing updates on the cyber-attack. After investigating, he found a solution and brought the malicious ransomware to a halt. It appeared to be a kill switch in the code of the software. He admitted that the discovery was purely accidental.

The accidental discovery did not lead to a proper fix for the ransomware. It did, however, halt its spread to other computers, which was crucial.

THE DISCOVERY

He found that the malware was trying to contact a particular web address every time a new computer was infected. The web address was not a simple one: it was a combination of letters, and it was not registered. He decided to register the web address and ended up buying it for $10.69 (£8). This let him see where the computers contacting it were coming from, which gave him an idea of how the ransomware was spreading.
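The behaviour described above, many infected computers looking up the same unregistered, random-looking address, is something a defender can search for in DNS resolver logs. The following is an added example, not part of the original post; the log layout, host names, addresses and thresholds are assumptions constructed for illustration.

```python
import math
from collections import Counter, defaultdict

# Constructed resolver log; the "<time> <client> <name> <rcode>" layout and
# every name and address in it are assumptions made for this example.
SAMPLE_LOG = """\
2017-05-12T08:01:02Z 10.0.0.11 www.example.com NOERROR
2017-05-12T08:01:05Z 10.0.0.11 www.qzjxkvwpbhtrmdlgcnfyasoeui.example NXDOMAIN
2017-05-12T08:03:40Z 10.0.0.27 www.qzjxkvwpbhtrmdlgcnfyasoeui.example NXDOMAIN
2017-05-12T08:04:10Z 10.0.0.27 intranet-portl.corp.example NXDOMAIN
2017-05-12T08:05:55Z 10.0.0.42 www.qzjxkvwpbhtrmdlgcnfyasoeui.example NXDOMAIN
2017-05-12T08:06:00Z 10.0.0.42 aaaaaaaaaaaaaaaaaaaaaaaa.example NXDOMAIN
2017-05-12T08:06:30Z 10.0.0.50 aaaaaaaaaaaaaaaaaaaaaaaa.example NXDOMAIN
truncated line
"""


def label_entropy(label):
    """Shannon entropy, in bits per character, of one DNS label."""
    counts = Counter(label)
    return -sum(n / len(label) * math.log2(n / len(label)) for n in counts.values())


def suspicious_lookups(log_text, min_len=20, min_entropy=3.5, min_hosts=2):
    """Map each long, random-looking NXDOMAIN name to the clients that asked for it."""
    clients = defaultdict(set)
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 4 or fields[3] != "NXDOMAIN":
            continue  # malformed line, or the name resolved
        _, client, name, _ = fields
        name = name.lower().rstrip(".")
        longest = max(name.split("."), key=len)
        if len(longest) >= min_len and label_entropy(longest) >= min_entropy:
            clients[name].add(client)
    # One host mistyping a name is noise; several hosts failing on the same
    # random-looking name is the pattern worth an analyst's time.
    return {n: sorted(c) for n, c in clients.items() if len(c) >= min_hosts}


if __name__ == "__main__":
    for name, hosts in suspicious_lookups(SAMPLE_LOG).items():
        print(name, hosts)
```

The typo and the long but repetitive name in the sample are filtered out by the length and entropy checks; only the name that three separate clients failed to resolve is reported.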

THE DEFEAT

The registration only brought a halt; that does not mean it stopped the malware from spreading for good. There are still files that will be held for ransom. Recent technology news reports state that the ransomware has started ignoring the kill switch. Keep up with recent technology news to learn more details.

THE IMPACT

The impact has been huge in the UK, affecting health clinics and several computers. There were many spam emails carrying fake invoices and job offers, as well as security warnings and other seemingly valid files. The incident took the world by storm.

The ransomware demanded a payment of roughly $300 to $600 to restore access. This was a huge issue, and people had to face the consequences. Digital transactions were thrown into disarray. The antivirus giant Avast observed more than 57000 infections in 100 countries.