Ransomware Attackers Target Company, Reveal Peculair Tidbit

Share post:

Cybersecurity researchers have discovered a ransomware campaign that draws on technologies used by nation-state hackers and cyberespionage.

This was revealed when cyber criminals tried to launch a ransomware attack against an unnamed company for product security testing. The attack was discovered and stopped, but gave the cybersecurity researchers at eSentire enough information to investigate the tactics, techniques and procedures used.

The attack methods used in the ransomware campaign were similar to techniques previously identified with government-supported Chinese hacking operations such as APT27 – also known as Emissary Panda.

eSentire said that the low quality of the Ransomware and the absence of identified Ransomware violations by these “Hello Ransomware,” together with the use of intrusion and reconnaissance methods of the attacks, raises questions of whether Ransomware is the true target of the perpetrators.

While this does not necessarily mean that the people behind the ransomware are working on behalf of China, it shows how cyber criminals can copy the techniques used by advanced government-backed hacking groups to spread malware.

Techniques used in the attempted attack in July include the use of SharePoint exploits and China Chopper, a clandestine remote access tool that provides a back door to compromised systems and is commonly distributed on web servers. China Chopper is commonly used by Chinese APT groups and is widely available and used by government-backed hackers and cyber criminals.

For more information, view the original story from ZDnet.

Featured Tech Jobs


Related articles

Google Play introduces new biometric verification with a user warning

Google has recently announced updates to the biometric verification process for Google Play purchases, aiming to bolster security...

Cyber Security Today, Week in Review for week ending Friday April 19, 2024

On this episode Jen Ellis, co-chair of the Ransomware Task Force, talks about ways of fighting one of the biggest cyber threats to IT d

Cyber Security Today, April 19, 2024 – Police bust phishing rental platform, a nine-year old virus found on Ukrainian computers, and more

This episode reports on a threat actor targeting governments in the Middle East with a novel way of hiding malware is going international

Controversial expansion of US surveillance powers nears Senate vote

The US Senate is poised to vote on a significant expansion of Section 702 of the Foreign Intelligence...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways