Difference between revisions of "Ransomware or Wiper? LockerGoga Straddles the Line"
Jump to navigation
Jump to search
(Created page with "{{Publication| Link=https://blog.talosintelligence.com/2019/03/lockergoga.html}}") |
|||
| Line 1: | Line 1: | ||
{{Publication| Link=https://blog.talosintelligence.com/2019/03/lockergoga.html}} | {{Publication | ||
|Botnet=LockerGoga, | |||
|Target=Norsk Hydro, | |||
|Group=Ransomware, Wiper, | |||
|Year=2019 | |||
|Date=2019/03/20 | |||
|Editor=Cisco Talos Intelligence | |||
|Link=https://blog.talosintelligence.com/2019/03/lockergoga.html | |||
|Author=Nick Biasini, | |||
|Type=Blogpost | |||
|Abstract=Some of the later versions of LockerGoga, while still employing the same encryption, have also been observed forcibly logging the victim off of the infected systems and removing their ability to log back in to the system following the encryption process. The consequence is that in many cases, the victim may not even be able to view the ransom note, let alone attempt to comply with any ransom demands. These later versions of LockerGoga could then be described as destructive. | |||
}} | |||
Latest revision as of 11:10, 23 March 2019
(Publication) Google search: [1]
| Ransomware or Wiper? LockerGoga Straddles the Line | |
|---|---|
| Botnet | LockerGoga |
| Malware | |
| Botnet/malware group | Ransomware, Wiper |
| Exploit kits | |
| Services | |
| Feature | |
| Distribution vector | |
| Target | Norsk Hydro |
| Origin | |
| Campaign | |
| Operation/Working group | |
| Vulnerability | |
| CCProtocol | |
| Date | 2019 / 2019/03/20 |
| Editor/Conference | Cisco Talos Intelligence |
| Link | https://blog.talosintelligence.com/2019/03/lockergoga.html (Archive copy) |
| Author | Nick Biasini |
| Type | Blogpost |
Abstract
“ Some of the later versions of LockerGoga, while still employing the same encryption, have also been observed forcibly logging the victim off of the infected systems and removing their ability to log back in to the system following the encryption process. The consequence is that in many cases, the victim may not even be able to view the ransom note, let alone attempt to comply with any ransom demands. These later versions of LockerGoga could then be described as destructive.
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2019BFR5358,
editor = {Cisco Talos Intelligence},
author = {Nick Biasini},
title = {Ransomware or Wiper? LockerGoga Straddles the Line},
date = {20},
month = Mar,
year = {2019},
howpublished = {\url{https://blog.talosintelligence.com/2019/03/lockergoga.html}},
}