![]() That malware variant is being sold on darknet marketplaces by a long-time provider of malware-as-a-service. The researchers have analyzed the malware and note that it shares some of its source code with the more_eggs backdoor. The researchers have confirmed that the ransomware campaign is being offered as-a-service, that it has been linked to several highly active and advanced cybercriminal operations, and that the ransomware is being used in real world attacks. It is unclear at this stage how many enterprises have been attacked with PureLocker ransomware. By encrypting databases and applications that are critical for day-to-day business operations they can cause massive financial losses, which makes payment of the ransom much more likely. ![]() The ransomware can be used to attack different operating systems – Windows, OS-X, and Linux – and by targeting servers, the attackers can inflict a considerable amount of pain. The ransomware has been executed in several different sandboxes and displayed no malicious or suspicious behaviors. Researchers at Intezer note that in the three weeks since the ransomware was first detected, virtually none of the AV engines on VirusTital are identifying the ransomware as malicious. PureLocker represents a serious threat, especially since signature-based security solutions struggle to detect malware written in PureBasic. The new threat has been called PureLocker as it has been written in PureBasic, which is unusual for ransomware. ![]() Security researchers at IBM X-Force and Intezer have identified a new form of ransomware that is being used in targeted attacks on enterprise servers.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |