Daffodil International University

Faculty of Science and Information Technology => Evening Program (FSIT) => Topic started by: Nusrat Jahan Momo on November 20, 2017, 03:27:52 PM

Title: Japanese companies hit by month long ransomware attacks
Post by: Nusrat Jahan Momo on November 20, 2017, 03:27:52 PM
ONI goes phishing

It all started when security firm Cybereason analyzed some computers that were infected with a ransomware called ONI. This ransomware has been analyzed before, but it was not understood how the ONI victims were being infected. After analysis by Cybereason researchers, it was discovered that the infected computers had also been previously targeted by a spear phishing campaign that installs a RAT, or Remote Access Trojan, on the victim's computer.

These phishing emails pretend to be receipts that contain a zip attachment with a malicious Word document inside it. When a user opens the document and enables macros, a VBScript script will be launched that downloads and install a copy of the Ammyy Admin RAT onto the infected computer.

By Lawrence Abrams
Title: Re: Japanese companies hit by month long ransomware attacks
Post by: afrin.ns on February 17, 2018, 02:22:45 PM
Thanks for sharing
Title: Re: Japanese companies hit by month long ransomware attacks
Post by: Raisa on June 05, 2018, 09:53:09 AM
nice