Malware News GandCrab Ransomware Spreads Via NSA Exploit

silversurfer

GandCrab, a ransomware family that has received numerous updates in recent months, is now attempting to infect Windows XP machines using the NSA-linked EternalBlue exploit.

The malware is usually spreading via spam emails, but GandCrab 4, which first emerged earlier this month, is being distributed via compromised websites, Fortinet says. The malware now appends the .KRAB extension to the encrypted files.
Both the malware executable and the download links are being updated regularly, the security researchers say. In fact, within days after version 4 emerged, the ransomware authors released GandCrab 4.1, which has already shown signs of network communication.

More importantly, as security researcher Kevin Beaumont has discovered, the ransomware is also attempting to spread through the National Security Agency’s EternalBlue SMB exploit.
 

upnorth

Microsoft was already serious about SMB1 in 2016.
Stop using SMB1. Stop using SMB1. STOP USING SMB1!

Stop using SMB1

 
