Even system updates aren't safe from ransomware.

The ransomware GoldenEye spread like wildfire across computers around the world, infecting systems at an alarming rate on Tuesday. Now researchers believe they found where the first spark went off.

The attacks started in Kiev, Ukraine, during the early hours of Tuesday. While the majority of victims were in Ukraine and neighboring Russia, it spread throughout the world, hitting global companies like Maersk, FedEx and Merck.

The GoldenEye ransomware, a strain of the popular Petya malware, encrypted computers across networks using an NSA exploit called EternalBlue, leaked in April, and held them hostage for $300 in bitcoins. The cyberattack disrupted hundreds of businesses on Tuesday.

Ransomware attacks have run rampant in recent weeks, as GoldenEye follows in the wake of the massive WannaCry attack. Computers around the world are getting infected, holding up businesses, hospitals and schools. The widespread attacks shine a new light on an old hack that's since gotten much more powerful.

Where the attack originates highlights how even the most diligent systems of computers can be undone if there's even one vulnerable link in the chain, even if that link is from outside software or a partner that's connected to you.

That link, it turns out, is MEDoc, a Ukrainian tax accounting software, researchers found. MEDoc is considered the "default" tax filing application "for all companies operating in Ukraine," said Bogdan Botezatu, a threat analyst for Bitdefender.

Symantec can confirm that MEDoc software was used to seed initial infections of #petya ransomware - Security Response, June 28, 2017

Hackers attacked MEDoc's program, and hid the GoldenEye ransomware in a software update to its many customers. Both Bitdefender and Microsoft were able to find evidence linking GoldenEye's spread to MEDoc.

The "software update" from an infected MEDoc program would execute "rundll32.exe," an application that helps Windows perform functions like activate GoldenEye, and start encrypting your computer's files and the hard drive.