Revision history: 29th of June, 2017 18:00 (UTC +2) - Update 2 (current) - Added Q11 28th of June, 2017 22:00 (UTC +2) - Update 1 - Initial FAQ Q1 Is the Petya attack still in progress? A: The initial attack vector appears to have been the accounting software M.E.Doc, for which a malicious software update … Continue reading FAQ about PETYA/GOLDENEYE/PETR outbreak
Liveblog: Huge Petya ransomware wave
Revision history: Update 2 (current): 28th of June, 2017 22:45 (UTC +2) - Added Snort rule for detection purposes Update 1: 27th of June, 2017 18:04 (UTC +2) - Initial post A new variant of the Petya ransomware started to spread havoc within various companies around the world the 27th of June 2017 . The … Continue reading Liveblog: Huge Petya ransomware wave
FAQ on the WanaCry ransomware outbreak
Last updated: May 16th 2017 A ransomware variant known as WanaCry/WanaCrypt0r has spread on a massive scale around the world since the 12th of May 2017. For more information about the context with regards to this WanaCry variant, see also our earlier blog. The section below outlines the frequently asked questions and corresponding answers. Q: … Continue reading FAQ on the WanaCry ransomware outbreak
Massive outbreak of ransomware variant infects large amounts of computers around the world
Today, May 12th 2017, a ransomware variant known as WanaCry is being spread on a massive scale around the world. Once a computer is infected it will attempt to infect other machines on the same network using a recently patched vulnerability in the Windows SMB protocol. Update: We have published an FAQ to answer additional … Continue reading Massive outbreak of ransomware variant infects large amounts of computers around the world
Snake: Coming soon in Mac OS X flavour
Summary Snake, also known as Turla, Uroburos and Agent.BTZ, is a relatively complex malware framework used for targeted attacks1. Over the past year Fox-IT has been involved in multiple incident response cases where the Snake framework was used to steal sensitive information. Targets include government institutions, military and large corporates. Researchers who have previously analyzed … Continue reading Snake: Coming soon in Mac OS X flavour
A Mole exposing itself to sunlight
With the daily growth of the different kinds of ransomware and distribution techniques, Fox-IT's Security Operations Center was investigating a new ransomware called Mole. This ransomware is currently being spread by a social engineering exploit kit to trick the user in downloading a malicious executable. The ransomware author of Mole made a small mistake, which … Continue reading A Mole exposing itself to sunlight
Turkish hacktivists targeting the Netherlands: high noise, low impact
As a result of increased political tensions between The Netherlands and Turkey, a surge in activity from several Turkish hacker groups has been observed by Fox-IT. Most activities observed thus far appear to be aimed at defacement and disruption of online Dutch infrastructure. Most of the methods and techniques used to achieve this goal are … Continue reading Turkish hacktivists targeting the Netherlands: high noise, low impact
