
Malicious Life Podcast: Why Do APTs Use Ransomware?
Threat Research lead Assaf Dahan discusses new discoveries about Iranian APTs Moses Staff and Phosphorus that blur the line between state-sponsored attacks and criminal activity - check it out…
Lital Asher-Dotan
NotPetya ransomware has affected hundreds of organizations across Europe and across the world.
Since we discovered the attack, our team has been quite busy. In addition to discovering a kill switch that stops NotPetya in it’s tracks we’ve also:
NotPetya encrypts files only after the machine is rebooted - unlike most ransomware that encrypts files as soon as it executes. NotPetya spreads throughout the network, extracts admin credentials, and schedules a task to reboot the machine. As soon as a victim reboots their machine, NotPetya overwrites the Master Boot Record (MBR) with a malicious payload that encrypts the full disk.
Cybereason collects and analyzes behavioral data to identify if and when malicious activity occurs in an environment. In the case of NotPetya and other MBR-based ransomware, the solution detects malicious activity that attempts to affect the MBR. If a protected machine is infected with NotPetya, Cybereason will detect the activity and block NotPetya from encrypting any data. An infected machine will still be rebooted, but Cybereason will restore the original MBR to annihilate NotPetya’s ability to succeed.
Download RansomFree for free ransomware protection.
Lital is a Marketing Team Leader, Storyteller, Technology Marketing Expert. She joined Cybereason as the first marketing hire and built a full marketing department. Specializing in brand building, product marketing, communication and content. Passionate about building ROI-driven marketing teams.
Threat Research lead Assaf Dahan discusses new discoveries about Iranian APTs Moses Staff and Phosphorus that blur the line between state-sponsored attacks and criminal activity - check it out…
In this episode, we go back to the Yom Kippur War of 1973 to discover how a national trauma and an intelligence failure paved the way for Israel to become a cybersecurity mini-empire - check it out…
Threat Research lead Assaf Dahan discusses new discoveries about Iranian APTs Moses Staff and Phosphorus that blur the line between state-sponsored attacks and criminal activity - check it out…
In this episode, we go back to the Yom Kippur War of 1973 to discover how a national trauma and an intelligence failure paved the way for Israel to become a cybersecurity mini-empire - check it out…
Get the latest research, expert insights, and security industry news.
Subscribe