Crypto locker regex

11/12/2022

To protect your company infrastructure from possible BlackCat attacks, you can download a set of free Sigma rules developed by our seasoned Threat Bounty developers Emir Erdogan and Kaan Yeniyol, who never miss a trick. According to the reports, victims are asked to pay up to $14 million to get hold of their files.

BlackCat Mitigation

ALPHV first surfaced in mid-November 2021 and has been actively prowling around for victims across industries. Labeled “the new generation of ransomware”, BlackCat displays similar behavioral elements to those of a DarkSide successor, BlackMatter ransomware. Despite numerous similarities, the ALPHV BlackCat ransomware includes innovative features that single it out from RaaS programs aimed at corporate breaches. BlackCat operators have learned from the mistakes of their RaaS predecessors, employing new infection vectors, novel execution options, and particularly aggressive naming and shaming campaigns.

We witness a growing trend of hackers widening their repertoire of languages used for crafting malware. There is an increasing number of cases of malware written in Dlang, Go, Nim, and Rust, used to find new ways of bypassing security protections, evade analysis, and reach higher chances of evasion success.

In its setup process, the ransomware will terminate processes and services that could potentially prevent encryption. Consequently, it will shut down the operation of virtual machines and ESXi VMs, and delete ESXi snapshots to obstruct or prevent recovery. BlackCat uses a random name extension on every encrypted device, appended to all files and included in the ransom note. The note urges the infected users to connect to the attackers’ payment portal via TOR, with ransom demands in either Bitcoin or Monero.
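Because the extension is random per device, a fixed extension regex will not match it; a detection can instead key on the behavior of one unfamiliar suffix being appended to many files of different types on the same host. The following is an added example, not part of the original post or the Sigma rules it mentions: the event tuples, host names, thresholds, allowlist and the `.q7xk2md` suffix are all constructed assumptions.

```python
from collections import defaultdict

# Constructed sample rename events (host, old_path, new_path); not real telemetry.
SAMPLE_EVENTS = (
    [("ws-01", p, p + ".q7xk2md") for p in (
        r"C:\fin\q3.xlsx", r"C:\fin\plan.docx", r"C:\hr\staff.pdf",
        r"C:\eng\build.zip", r"C:\eng\notes.txt", r"C:\eng\db.sqlite")]
    + [("ws-02", p, p + ".bak") for p in (
        r"C:\a\1.docx", r"C:\a\2.xlsx", r"C:\a\3.pdf",
        r"C:\a\4.txt", r"C:\a\5.zip")]
    + [("ws-03", r"C:\t\a.txt", r"C:\t\a.txt.zzz"),
       ("ws-03", r"C:\t\b.pdf", r"C:\t\b.pdf.zzz"),
       ("ws-03", r"C:\t\old.txt", r"C:\t\new.txt")]
)

BENIGN_SUFFIXES = {".bak", ".tmp", ".old", ".gz"}  # assumed allowlist, tune per site


def appended_suffix(old_path, new_path):
    """Return the suffix appended to old_path (e.g. '.q7xk2md'), or None."""
    suffix = new_path[len(old_path):]
    if not new_path.startswith(old_path) or not suffix.startswith("."):
        return None  # an ordinary rename, not "original name + extra extension"
    if len(suffix) < 2 or any(c in suffix for c in "\\/"):
        return None  # a bare dot, or a move into a sub-path
    return suffix.lower()


def flag_hosts(events, min_files=5, min_types=3, benign=BENIGN_SUFFIXES):
    """Map host -> suffixes appended to many files of several original types."""
    stats = defaultdict(lambda: [0, set()])  # (host, suffix) -> [count, types]
    for host, old_path, new_path in events:
        suffix = appended_suffix(old_path, new_path)
        if suffix is None or suffix in benign:
            continue
        entry = stats[(host, suffix)]
        entry[0] += 1
        entry[1].add(old_path.rpartition(".")[2].lower())  # original extension
    flagged = defaultdict(list)
    for (host, suffix), (count, types) in sorted(stats.items()):
        if count >= min_files and len(types) >= min_types:
            flagged[host].append(suffix)
    return dict(flagged)


if __name__ == "__main__":
    print(flag_hosts(SAMPLE_EVENTS))
```

In production the counts would be evaluated per time window and the allowlist built from the site's own backup and archiving tools.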