Illustration shows how the VHD ransomware strain can move laterally through infected networks before delivering the final payload to encrypt files (Source: Kaspersky)

The Lazarus Group, the North Korean hacking group behind the WannaCry worm, the theft of $81 million from a Bangladesh bank and the attacks on Sony Pictures, apparently is expanding into ransomware, according to the security firm Kaspersky.

After examining two events earlier this year, the Kaspersky analysts concluded that a new form of ransomware called VHD appears to be the work of the Lazarus Group, which has also carried out online bank and cryptocurrency heists on behalf of the government of North Korea (see: North Korean Hacking Infrastructure Tied to Magecart Hits).

Kaspersky did not describe how it came across these two incidents or whether the victims paid any ransom to the attackers. But it said at least one of the attacks happened in Europe.

The VHD ransomware uses a framework called MATA to deliver the final payload, according to the report. Kaspersky released a study earlier this month that delved into other details of MATA and how Lazarus has used it over the past several months around the world (see: Lazarus Group Deploying Fresh Malware Framework).

The Kaspersky analysts also found that VHD uses techniques that enable it to move laterally across a network - techniques that are similar to those found in other malware deployed by Lazarus.

"A spreading utility, discovered along with the ransomware, propagated the program inside the network.