Security News > 2018 > May > First-Ever Ransomware Found Using ‘Process Doppelgänging’ Attack to Evade Detection
2018-05-07 12:32
Security researchers have spotted the first-ever ransomware exploiting Process Doppelgänging, a new fileless code injection technique that could help malware evade detection. The Process Doppelgänging attack takes advantage of a built-in Windows function, i.e., NTFS Transactions, and an outdated implementation of Windows process loader, and works on all modern versions of Microsoft Windows OS
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/t6Qe87AKvn4/synack-process-doppelganging.html
Related news
- Synlab Italia suspends operations following ransomware attack (source)
- Leicester streetlights take ransomware attack personally, shine on 24/7 (source)
- REvil hacker behind Kaseya ransomware attack gets 13 years in prison (source)
- City of Wichita shuts down IT network after ransomware attack (source)
- Ransomware attacks impact 20% of sensitive data in healthcare orgs (source)
- Ohio Lottery ransomware attack impacts over 538,000 individuals (source)
- Ascension redirects ambulances after suspected ransomware attack (source)
- Singing River Health System: Data of 895,000 stolen in ransomware attack (source)
- Windows Quick Assist abused in Black Basta ransomware attacks (source)
- Cybercriminals Exploiting Microsoft’s Quick Assist Feature in Ransomware Attacks (source)