Faculty of Science and Information Technology > Evening Program (FSIT)

Japanese companies hit by month long ransomware attacks

(1/1)

Nusrat Jahan Momo:
ONI goes phishing

It all started when security firm Cybereason analyzed some computers that were infected with a ransomware called ONI. This ransomware has been analyzed before, but it was not understood how the ONI victims were being infected. After analysis by Cybereason researchers, it was discovered that the infected computers had also been previously targeted by a spear phishing campaign that installs a RAT, or Remote Access Trojan, on the victim's computer.

These phishing emails pretend to be receipts that contain a zip attachment with a malicious Word document inside it. When a user opens the document and enables macros, a VBScript script will be launched that downloads and install a copy of the Ammyy Admin RAT onto the infected computer.

By Lawrence Abrams

afrin.ns:
Thanks for sharing

Raisa:
nice

rokeya24:
good post

Navigation

[0] Message Index