Express Computer
Home  »  Security  »  New ransomware attacking APAC nations via malvertising: Report

New ransomware attacking APAC nations via malvertising: Report

0 413

Cybersecurity researchers have discovered a very sophisticated Exploit Kit that is targeting countries in the Asia-Pacific region to deliver ransomware via malvertising, which is the spread of malware through online advertisements.

Exploit kits are automated threats that utilise compromised websites to divert web traffic, scan for vulnerable browser-based applications, and run malware.

Called ‘Magnitude EK’, the constantly evolving Exploit Kit uses its own ransomware as its final payload.

The ransomware comes with a temporary encryption key and list of domain names and the attackers keep changing them frequently, according to the cybersecurity firm Kaspersky.

The Magnitude EK switched to an exploit for the more recent vulnerability ‘CVE-2019-1367′ in an outdated web browser which was originally discovered as an exploited zero-day in the wild. The Magnitude EK is using it as their primary exploit since February 11, 2020.

“Zero day vulnerabilities are very risky for businesses, critical infrastructures, government and financial institutions and consumers who are availing themselves to the exposed browser or networks,” said Dipesh Kaura, General Manager for South Asia, Kaspersky.

Magnitude EK is one of the longest-standing exploit kits. It was on offer in underground forums from 2013 and later became a private exploit kit.

The ransomware delivered by ‘Magnitude EK’ doesn’t encrypt the files located in common folders such as documents and settings, app data, local settings, sample music, tor browser, etc.

Before encryption, the extensions of files are checked against a hash table of allowed file extensions that contains 715 entries.

A ransom note is left in each folder with encrypted files and at the end a notepad.exe process is created to display the ransom note.

After encryption the ransomware also attempts to delete backups of the files, said the researchers.

“Storing back-up for important data is a basic step that needs to be taken especially by enterprises and government institutions in order to fight against attacks like ransomware”, said Kaura.

The implementation of the Magnitude EK technique in its latest variant was an interesting discovery.

Attacks by Exploit Kits have decreased over the years but they still exist, are still active and pose a threat.

“Although Exploit Kits may be less rampant today, they prove to be actively maintained and ever-evolving, which remains a threat to users,” added Boris Larin, Senior Security Researcher, Russia, Kaspersky.

Get real time updates directly on you device, subscribe now.

Leave A Reply

Your email address will not be published.

LIVE Webinar

Digitize your HR practice with extensions to success factors

Join us for a virtual meeting on how organizations can use these extensions to not just provide a better experience to its’ employees, but also to significantly improve the efficiency of the HR processes
REGISTER NOW 

Stay updated with News, Trending Stories & Conferences with Express Computer
Follow us on Linkedin
India's Leading e-Governance Summit is here!!! Attend and Know more.
Register Now!
close-image
Attend Webinar & Enhance Your Organisation's Digital Experience.
Register Now
close-image
Enable A Truly Seamless & Secure Workplace.
Register Now
close-image
Attend Inida's Largest BFSI Technology Conclave!
Register Now
close-image
Know how to protect your company in digital era.
Register Now
close-image
Protect Your Critical Assets From Well-Organized Hackers
Register Now
close-image
Find Solutions to Maintain Productivity
Register Now
close-image
Live Webinar : Improve customer experience with Voice Bots
Register Now
close-image
Live Event: Technology Day- Kerala, E- Governance Champions Awards
Register Now
close-image
Virtual Conference : Learn to Automate complex Business Processes
Register Now
close-image