Japanese companies hit by month long ransomware attacks

Author Topic: Japanese companies hit by month long ransomware attacks  (Read 2442 times)

Offline Nusrat Jahan Momo

  • Full Member
  • ***
  • Posts: 159
  • Test
    • View Profile
Japanese companies hit by month long ransomware attacks
« on: November 20, 2017, 03:27:52 PM »
ONI goes phishing

It all started when security firm Cybereason analyzed some computers that were infected with a ransomware called ONI. This ransomware has been analyzed before, but it was not understood how the ONI victims were being infected. After analysis by Cybereason researchers, it was discovered that the infected computers had also been previously targeted by a spear phishing campaign that installs a RAT, or Remote Access Trojan, on the victim's computer.

These phishing emails pretend to be receipts that contain a zip attachment with a malicious Word document inside it. When a user opens the document and enables macros, a VBScript script will be launched that downloads and install a copy of the Ammyy Admin RAT onto the infected computer.

By Lawrence Abrams

Offline afrin.ns

  • Sr. Member
  • ****
  • Posts: 423
  • Test
    • View Profile
Re: Japanese companies hit by month long ransomware attacks
« Reply #1 on: February 17, 2018, 02:22:45 PM »
Thanks for sharing

Offline Raisa

  • Hero Member
  • *****
  • Posts: 908
  • Sky is the limit
    • View Profile
Re: Japanese companies hit by month long ransomware attacks
« Reply #2 on: June 05, 2018, 09:53:09 AM »
nice
:)

Offline rokeya24

  • Full Member
  • ***
  • Posts: 102
  • Test
    • View Profile
Re: Japanese companies hit by month long ransomware attacks
« Reply #3 on: February 28, 2020, 11:15:41 PM »
good post