South Korean web hosting company Nayana infected with Erebus ransomware – Penetration Testing

According to foreign media reports on June 12, South Korean web hosting company Nayana suffered a network attack last weekend that left 153 of its Linux servers and 3,400 sites infected with Erebus ransomware.

Security experts say Erebus abuses Event Viewer to bypass User Account Control (UAC), meaning users are not prompted to approve the program running with higher privileges. In addition, Erebus can copy itself to a randomly named file and modify the Windows registry to hijack the association for the .msc file extension.
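A defender-side check for the behaviour described above, as an added example that is not from the original article: it scans Sysmon-style events for a per-user override of the .msc open handler and for Event Viewer starting anything other than mmc.exe. The registry path and Sysmon event IDs 1 and 13 are taken from general Windows and Sysmon documentation, not from this page, and the sample events are constructed.

```python
import re

# Per-user override of the .msc handler. Sysmon renders HKCU as HKU\<SID> and
# HKCU\Software\Classes as HKU\<SID>_Classes; both forms are matched.
MSC_KEY = re.compile(
    r"^hku\\[^\\]+\\(software\\classes\\)?mscfile\\shell\\open\\command(\\\(default\))?$"
)

def detect(events):
    """Return (kind, host, detail) findings from Sysmon-style event dicts."""
    findings = []
    for ev in events:
        eid = ev.get("EventID")
        if eid == 13:  # registry value set
            # Machine-wide keys (HKLM/HKCR) need admin rights, so only HKU is flagged.
            if MSC_KEY.match(ev.get("TargetObject", "").lower()):
                findings.append(("msc_handler_override", ev["Computer"], ev.get("Details", "")))
        elif eid == 1:  # process creation
            parent = ev.get("ParentImage", "").lower()
            image = ev.get("Image", "").lower()
            # Event Viewer normally starts only mmc.exe.
            if parent.endswith("\\eventvwr.exe") and not image.endswith("\\mmc.exe"):
                findings.append(("eventvwr_unexpected_child", ev["Computer"], ev.get("Image", "")))
    return findings

# Constructed sample events (host name, SID and file paths are made up).
SAMPLE_EVENTS = [
    {"EventID": 13, "Computer": "WS-01",
     "TargetObject": r"HKU\S-1-5-21-1111-2222-3333-1001_Classes\mscfile\shell\open\command\(Default)",
     "Details": r"C:\Users\alice\AppData\Roaming\qwzkd.exe"},
    {"EventID": 13, "Computer": "WS-02",  # machine-wide default handler: ignored
     "TargetObject": r"HKLM\SOFTWARE\Classes\mscfile\shell\open\command\(Default)",
     "Details": r"%SystemRoot%\system32\mmc.exe"},
    {"EventID": 1, "Computer": "WS-02",   # normal Event Viewer launch: ignored
     "ParentImage": r"C:\Windows\System32\eventvwr.exe",
     "Image": r"C:\Windows\System32\mmc.exe"},
    {"EventID": 1, "Computer": "WS-01",
     "ParentImage": r"C:\Windows\System32\eventvwr.exe",
     "Image": r"C:\Users\alice\AppData\Roaming\qwzkd.exe"},
]

if __name__ == "__main__":
    for finding in detect(SAMPLE_EVENTS):
        print(finding)
```
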

Once files with the 60 targeted extensions are encrypted by Erebus, a ransom note appears on the desktop; when the victim clicks "recover files", the page redirects to the Erebus Tor payment site. The Erebus ransom demand has soared to $29,075 (10 bitcoin) from $90 (0.085 bitcoin) in February, with a recent price of $15,165 (5.4 bitcoin).

At present, the South Korea Internet Security Bureau and the national security agencies have launched a joint investigation with the police. Nayana said it will cooperate actively to regain control of its servers as soon as possible.

Reference: networkworld

The post South Korea network hosting company Nayana infection Erebus extortion software appeared first on Penetration Testing. http://ift.tt/2sqgN6e http://ift.tt/2aM8QhC
