Security News > 2018 > May > First-Ever Ransomware Found Using ‘Process Doppelgänging’ Attack to Evade Detection
2018-05-07 12:32
Security researchers have spotted the first-ever ransomware exploiting Process Doppelgänging, a new fileless code injection technique that could help malware evade detection. The Process Doppelgänging attack takes advantage of a built-in Windows function, i.e., NTFS Transactions, and an outdated implementation of Windows process loader, and works on all modern versions of Microsoft Windows OS
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/t6Qe87AKvn4/synack-process-doppelganging.html
Related news
- REvil hacker behind Kaseya ransomware attack gets 13 years in prison (source)
- City of Wichita shuts down IT network after ransomware attack (source)
- Ransomware attacks impact 20% of sensitive data in healthcare orgs (source)
- Ohio Lottery ransomware attack impacts over 538,000 individuals (source)
- Ascension redirects ambulances after suspected ransomware attack (source)
- Singing River Health System: Data of 895,000 stolen in ransomware attack (source)
- Windows Quick Assist abused in Black Basta ransomware attacks (source)
- Cybercriminals Exploiting Microsoft’s Quick Assist Feature in Ransomware Attacks (source)
- OmniVision discloses data breach after 2023 ransomware attack (source)
- LockBit says they stole data in London Drugs ransomware attack (source)