This ransomware has learned a new trick: Scanning for point of sales devices

June 23, 2020
One of the world’s most prolific and successful ransomware groups is now scanning the networks of victims to check for credit card and point of sale (PoS) software in what looks to be an additional method of making money from attacks.

Sodinokibi – also known as REvil – emerged in April 2019 and it has gone on to be one of the most damaging families of ransomware in the world today.

Networks of a number of high-profile organisations have been encrypted in Sodinokibi campaigns, with the attackers demanding ransoms of hundreds of thousands – and sometimes millions – of dollars in exchange for the decryption key.

In a significant percentage of cases, the victim feels as if they’ve got no choice but to give in to the demand in order to restore functionality.

But now researchers at Symantec have spotted a new element in recent campaigns, with the attackers scanning compromised networks for PoS software.

It’s possible that the attackers could be looking to scrape this information as a means of making additional money from campaigns, either by directly using the payment information themselves to raid accounts, or by selling it on to others on underground forums.

This wouldn’t be the first time the hackers behind Sodinokibi have looked to exploit data they’ve compromised in an attack; along with the Maze ransomware group, they’ve threatened to release information stolen from victims if they don’t pay the ransom – and they’re now auctioning it off to the highest bidder.

“The scanning of victim systems for PoS software is interesting, as this is not typically something you see happening alongside targeted ransomware attacks,” wrote Symantec researchers.

“It will be interesting to see if this was just opportunistic activity in this campaign, or if it is set to be a new tactic adopted by targeted ransomware gangs”.

Sodinokibi’s new PoS scanning technique has been spotted in a campaign targeting the services, food and healthcare sectors. Researchers describe the two victims in the food and services arena as large, multi-site organisations that would be seen by attackers as capable of paying a large ransom.

The healthcare organisation is described as much smaller and the researchers suggest that the attackers may have scanned for payment information in this instance as a means of trying to figure out if there was another way of making money from the attack if the victim didn’t pay.

Whatever the reason Sodinokibi is now scanning for credit card and payment information, it remains a highly effective form of ransomware and organisations are still falling foul of it.

“One thing that is clear is the actors using Sodinokibi are sophisticated and skilled and show no sign that their activity is likely to decrease anytime soon,” said researchers.

Sodinokibi spreads by exploiting a Windows zero-day vulnerability which was actually patched in October 2018.

Therefore, one of the best ways an organisation can prevent itself from falling victim to Sodinokibi – and many other ransomware or malware attacks – is to ensure the network is patched with the most recent security updates to protect against known vulnerabilities.

Credit: Zdnet
