#ransomware | #computerhacker | Some hackers are getting lazy - | #cybersecurity | #informationsecurity

Dive Brief:


  • While coronavirus-related phishing campaigns are spiking, some attackers are getting lazy, according to Palo Alto Networks’ Unit 42, which analyzed ransomware sent to government agencies and medical organizations around the world. The group observed the EDA2 ransomware variant, which is associated with HiddenTear.

  • The malicious file was outdated, meaning it did not correspond with the date it references. Malware authors also neglected to “make their lures appear legitimate in any way,” according to the report. None of the campaigns observed in this research were successful.

  • After the remote command-and-control server receives the target’s username and hostname, encryption begins using a “fairly simple” algorithm. The ransomware also has “a particularly substantial limitation”: it can only encrypt files on the victim’s desktop.

Dive Insight:

Phishing attacks spiked 667% from February to March as bad actors took advantage of the healthcare and economic crisis. But not all cybercriminals are putting as much care into their malware campaigns.


“This campaign was not sophisticated by any means,” Adrian McCabe, senior threat researcher for Unit 42, told CIO Dive in an email. The attacker attempted to “take advantage of people’s curiosity toward any particular topic that is popular at a given time,” as cybercriminals typically do.


Unit 42 observed another campaign, AgentTesla, sent to the healthcare, pharmaceutical and government industries. AgentTesla is sold on cybercriminal forums and is known for stealing information, which is why its popularity has swelled.


The campaign uses legitimate business domains as the email sender. The business domains belong to companies in electronic skateboard sales and garment textiles and were likely compromised by the attacker.


While the disguised email sender used realistic emails, their recipients were likely the wrong audience. Other cybercriminals pay more attention to detail. IBM X-For ..