Thursday, April 8, 2021
The Federal Bureau of Investigations (FBI) recently issued a joint alert with the Department of Homeland Security/Cybersecurity Infrastructure and Security Agency (CISA) that “Mamba ransomware has been deployed against local governments, public transportation agencies, legal services, technology services, industrial, commercial, manufacturing, and construction businesses.”
According to the Alert, the hacking group behind the Mamba ransomware attacks is weaponizing an open source tool used for disc encryption—DiskCryptor—to encrypt entire operating systems of victims. Once the operating system has been encrypted, a ransom note appears and demands payment for the decryption key.
The Alert states, “[T]he ransomware program consists of the open source, off-the-shelf, disk encryption software DiskCryptor wrapped in a program which installs and starts disk encryption in the background using a key of the attacker’s choosing….The ransomware extracts a set of files and installs an encryption service. The ransomware program restarts the system about two minutes after installation of DiskCryptor to complete driver installation.”
Related Keywords
, Bureau Of Investigations , Security Agency , Department Of Homeland Security Cybersecurity Infrastructure , Federal Bureau , Cybersecurity Infrastructure , பணியகம் ஆஃப் விசாரணைகள் , துறை ஆஃப் தாயகம் பாதுகாப்பு இணைய பாதுகாப்பு உள்கட்டமைப்பு , கூட்டாட்சியின் பணியகம் , இணைய பாதுகாப்பு உள்கட்டமைப்பு ,
comparemela.com © 2020. All Rights Reserved.