AstraLocker ransomware reportedly closes doors to pursue cryptojacking
Joseph Edwards, senior malware researcher at ReversingLabs, wrote that the"smash and grab attack methodology as well as other features suggest the attacker behind this malware is low-skill and looking to cause disruption, compared with the more patient, methodical, and measured approach to compromises used by Babuk and other, more sophisticated ransomware outfits."
The Babuk source code was leaked in September 2021 and ReversingLabs said shared code and campaign markers link AstraLocker and Babuk. In addition, the researcher wrote that a Monero cryptocurrency wallet address listed by AstraLocker for ransom payments is tied to the Chaos ransomware gang. "Typically, affiliate threat actors avoid pushing ransomware early, opting instead to push files that allow them to expand their reach within the target environment," he wrote."Ransomware almost invariably is deployed last, after compromising the victim's Domain Controller, which enables the cybercriminals to use the domain controller to deploy a group policy object and encrypt all hosts in the affected domains.
"Requiring so much user interaction increases the chances that victims will think twice about what they're doing," Edwards wrote."That's one reason OLE objects see less use in malware delivery, as opposed to the more popular VBA macro infection method, which only requires the user to enable macros in order to execute."
Belgique Dernières Nouvelles, Belgique Actualités
Similar News:Vous pouvez également lire des articles d'actualité similaires à celui-ci que nous avons collectés auprès d'autres sources d'information.
Why that Stranger Things season 4 death (no, not that one) was a mistakeWhy that Stranger Things season 4 death (no, not that one) was a mistake:
Lire la suite »
Here's why large groups of teens have been dressing in suits for Glasgow cinema visitsLarge groups of teens have been spotted dressed to the nines in Glasgow city centre of late leaving many questioning what they are up to.
Lire la suite »
Arsenal push for £25m midfielder as Romano explains why Milinkovic-Savic deal is 'complicated'Arsenal are weighing up the possibility of signing Leicester City midfielder Youri Tielemans 'more than' Lazio star Sergej Milinkovic-Savic.
Lire la suite »
Call of the Wild (With WiFi): Why People Are Flocking to Luxury off-Grid CabinsThe phrase 'off-grid' might conjure images of a flea-bitten shack in the Adirondacks, but that’s way off the mark in 2022
Lire la suite »
Why George Russell's Reaction MatteredWhy George Russell's Reaction Mattered — FormulaNerds.com — Latest News George Russell recognised that it was necessary to step into action at the British Grand Prix.
Lire la suite »
Why Stylist’s beauty editor has fallen in love with Rose Inc’s new refillable lipsticksLike many women of colour, the search for a truly natural-looking lipstick has proved elusive – that is until the latest drop from Rosie Huntington-Whiteley’s brand, Rose Inc. morganfargo gives her full review ⬇️
Lire la suite »