Kaspersky researchers have unveiled a new encryption ransomware called Sodin, which exploits a newly discovered Windows vulnerability to gain elevated privileges on an infected system.
The ransomware takes advantage of the central processing unit (CPU) architecture to avoid detection, a functionality that is not often seen in ransomware.
"Ransomware is a very popular type of malware, but we do not often see such a complex and sophisticated version: the use of CPU architecture to escape the radar is not an ordinary practice for cryptographers," said Fedor Sinitsyn of Kaspersky.
"We expect an increase in the number of attacks involving the Sodin encryptor, as the amount of resources needed to build such malicious programs is important. Those who invest in malware development are sure to expect to get their money back," Sinitsyn added.
However, attacks were also observed in Europe, North America and Latin America, Kaspersky said, adding that the ransom note left on infected computers demands Bitcoin worth 2500 dollars from each victim.
The CVE-2018-8453 vulnerability that the ransomware uses was earlier found to have been exploited by the FruityArmor hacking team. The vulnerability was patched on October 10 2018, Kaspersky said.
To avoid becoming a victim of Sodin, make sure that the software you use is updated to the most recent versions, said Kaspersky researchers.
Security products with vulnerability and update management capabilities can help automate these processes, they added.