
Security researchers have discovered a dangerous new strain of ransomware targeting Linux and Windows systems that uses a Java file format, making it highly difficult to detect before it detonates its file-encrypting payload.

Consulting giant KPMG’s incident response unit was called in to run the recovery effort at an unnamed European educational institute hit by a ransomware attack. BlackBerry’s security research unit, which partners with KPMG, analyzed the malware and published its findings Thursday.

BlackBerry’s researchers said that a hacker broke into the institute’s network using a remote desktop server connected to the internet, and deployed a persistent backdoor in order to regain easy access to the network after leaving. After a few days of inactivity to prevent detection, the hacker re-entered the network through the backdoor, disabled any running anti-malware service, spread the ransomware module across the network and detonated the payload, encrypting each computer’s files and holding them hostage for a ransom.