A new ransomware campaign has affected atleast 3 Russian media companies. Fontanka, Interfax are among the affected companies. The ransomware is named Bad Rabbit. The malware is delivered as fake flash installer, it uses the SMB protocol to check hardcoded credentials. Bad Rabbit does not employ any exploits to gain execution or elevation of privilege. … Continue reading “Bad Rabbit – Ransomware”
Tag: MBR
Petya Ransomware
Petya is not a new player in the ransomware world. It has multiple versions and was delivered to target machines as part of exploit kit campaigns and as malicious email attachments. The latest versions of petya seems to be spreading via the SMBv1 vulnerabilities (CVE-2017-0144 and CVE-2017-0145) in the Windows operating system. This behavior is … Continue reading “Petya Ransomware”