The Topic view for WPID= simulated rendering in new page.

Visual layout may differ depending on browser and as rendered by Older view in Website

Never-before-seen malware is nuking data in Russia’s courts and mayors’ offices

ItemDate=2022-12-19 03:17:36 Status=publish


#News(Security) [ via IoTGroup ]

Mayors' offices and courts in Russia are under attack by never-before-seen malware that poses as ransomware but is actually a wiper that permanently destroys data on an infected system according to security company Kaspersky and the Izvestia news service.Kaspersky researchers have named the wiper CryWiper a nod to the extension .cry that gets appended to destroyed files.

Kaspersky says its team has seen the malware launch “pinpoint attacks” on targets in Russia.Additional details including how many organizations have been hit and whether the malware successfully wiped data weren’t immediately known.Wiper malware has grown increasingly common over the past decade.

Kaspersky said it discovered the attack attempts by CryWiper in the last few months.After infecting a target the malware left a note demanding according to Izvestia 0.5 bitcoin and including a wallet address where the payment could be made.“After examining a sample of malware we found out that this Trojan although it masquerades as a ransomware and extorts money from the victim for ‘decrypting’ data does not actually encrypt but purposefully destroys data in the affected system ” Kaspersky’s report stated.Both wipers use the same algorithm for generating pseudo-random numbers that go on to corrupt targeted files by overwriting the data inside of them.CryWiper shares a separate commonality with ransomware families known as Trojan-Ransom.Win32.Xorist and Trojan-Ransom.MSIL.Agent.

The CryWiper sample Kaspersky analyzed is a 64-bit executable file for Windows.That’s an unusual choice since it’s more common for malware written in C++ to use Microsoft’s Visual Studio.Given the number of specific calls CryWiper makes to Windows programming interfaces this reason seems unlikely.Successful wiper attacks often take advantage of poor network security.Dynamic analysis of mail attachments and blocking of malicious files and URLs.This will make email attacks one of the most common vectors more difficult.

Read More..
AutoTextExtraction by Working BoT using SmartNews 1.03976805238 Build 04 April 2020

Footer info Your browser may cache and not show current data. On windows use CNTRL+F5 key and on Mac Shift+Refresh(browser). See more details. You may need to rotate small screen phones to landscape mode for using some menu or some views.You may contact us here if needed.