1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Ransomware gangs using clever new technique to dance past securit

    From TechnologyDaily@1337:1/100 to All on Mon Sep 12 14:45:03 2022
    Ransomware gangs using clever new technique to dance past security protections

    Date:
    Mon, 12 Sep 2022 13:25:34 +0000

    Description:
    Intermittent encryption is quickly gaining fame due to its speed and ability to go unnoticed.

    FULL STORY ======================================================================

    Ransomware operators have come up with a new encryption method that makes locking files faster, and less likely to be noticed by antivirus and other cybersecurity solutions, researchers have found.

    According to experts from SentinelLabs, a rising number of ransomware operators (including Black Basta, BlackCat, PLAY, and others) have started adopting a process called intermittent encryption, encrypting files
    partially, instead of completely.

    That way, the files are still rendered useless (unless the owners get a decryption key), but the encryption process takes significantly less time, with researchers adding they expect more groups to adopt the technique in the future. Multiple approaches

    Different groups approach intermittent encryption differently. Some will only encrypt the first few bytes of a file. Others will offer multiple choices, leaving it up to the ransomware deployers to decide. Some will break the
    files into multiple chunks, and encrypt only some of them. But whatever
    option they choose, theyre all equally dangerous, as this technique also
    helps them avoid endpoint protection tools, as well.

    As explained by the researchers, when looking for malware , automated detection tools look for intense file IO operations. As intermittent encryption isnt that intense, it can often fly under the radar.

    The only possible downside to the technique is that encrypting files
    partially might make it easier for the victims to recover them. Read more

    Microsoft sounds the alarm over dangerously simple ransomware kits


    You're a ransomware victim: Here's 5 things you should do


    Check out the best security keys around

    Despite some researchers claiming ransomwares losing steam, due to businesses deciding not to pay up, and opting for protections and backups instead, some threat actors are still quite active. Only last week, news broke of all schools in Los Angeles suffering such an attack, affecting 26,000 teachers
    and 600,000 students. It prompted the attention of the White House itself, alerting the Department of Education, the FBI and the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA). These are the best cloud backup solutions right now

    Via: BleepingComputer



    ======================================================================
    Link to news story: https://www.techradar.com/news/ransomware-gangs-using-clever-new-technique-to- dance-past-security-protections/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)