Unrelated Ethereum Clients endanger the entire network
infosec

Unrelated Ethereum Clients endanger the entire network

According to a survey by SRLabs, Ethereum clients, who have not received security updates, are at risk ...
Read More
infosec

How To Secure Your Android Device In 5 Simple Steps

Google monitors all your Android device's activities to collect data to show you targeted ads ....
Read More
infosec

Hacker publishes non-flattery golf scores on a Trump account

Four miserable 101, 100, 108 and 102 returns were published in the President's account for Golf Handicap and Information ...
Read More
infosec

The company behind LeakedSource admitted its guilt for the sale of data that was illegally acquired

The Canadian police issued a press release, according to which Defiant Tech Inc., the company behind the ...
Read More
infosec

Biometric technologies and privacy issues

One of the most used technologies in recent years is biometric technologies such as fingerprint recognition or ...
Read More
Latest Posts

Reprogrammed GandCrab Ransomware targets SMB vulnerabilities

SMBGandCrab ransomware, which has created itself in the Internet security industry with its constant evolution, has again provoked turmoil. The latest version of ransomware uses SMB exploit spreader via exposed sites. The ransomware adds new features every day to target different countries.

Attackers behind the ransomware scan the entire internet to find vulnerable sites to launch the attack. The most recent version includes a long hard-coded list of websites that were vulnerable and used to perform the attack.

A false random algorithm has been used by attackers to select a predefined word to fill in the URL for each host, and the final URL is created as "www. Host ».com / data / tmp / sokakeme.jpg«.

According to several reports, this newer version of ransomware can be spread through an "SMB exploit". Interestingly, the same exploit was used to spread the WannaCry and Petya / NotPeta ransomware attacks last year.

To spread through SMB vulnerabilities, the entire ransomware code was rewritten and malware is now using EternalBlue National Security Agency (NSA) exploits to attack more quickly.

A survey suggests that a section called "network f ** ker" is responsible for SMB exploits.

Fortinet, an internet security company, said "With GandCrab's rapid development last week and the public speculation of this exploit, it would not be surprising if the attackers behind it decided to add it to a future update."

However, Microsoft has turned its attention to ransomware and has created a MS17-010 security patch. To protect your system, make sure it is up to date with the latest security version.

Do you have an opinion? Leave your comment.

The author allows you to copy his / her text only if you report the source (SecNews.gr), as an e-mail address (Live URL) of the article.
Updated on by

Reader Interactions

Leave a reply

Your email address is not published. Τα υποχρεωτικά πεδία σημειώνονται με *