Difference between revisions of "Ransomware or Wiper? LockerGoga Straddles the Line"

From Botnets.fr
Jump to navigation Jump to search
(Created page with "{{Publication| Link=https://blog.talosintelligence.com/2019/03/lockergoga.html}}")
 
 
Line 1: Line 1:
{{Publication| Link=https://blog.talosintelligence.com/2019/03/lockergoga.html}}
+
{{Publication
 +
|Botnet=LockerGoga,
 +
|Target=Norsk Hydro,
 +
|Group=Ransomware, Wiper,
 +
|Year=2019
 +
|Date=2019/03/20
 +
|Editor=Cisco Talos Intelligence
 +
|Link=https://blog.talosintelligence.com/2019/03/lockergoga.html
 +
|Author=Nick Biasini,
 +
|Type=Blogpost
 +
|Abstract=Some of the later versions of LockerGoga, while still employing the same encryption, have also been observed forcibly logging the victim off of the infected systems and removing their ability to log back in to the system following the encryption process. The consequence is that in many cases, the victim may not even be able to view the ransom note, let alone attempt to comply with any ransom demands. These later versions of LockerGoga could then be described as destructive.
 +
}}

Latest revision as of 10:10, 23 March 2019

(Publication) Link to the old Wiki page : [1] / Google search: [2]

Ransomware or Wiper? LockerGoga Straddles the Line
Botnet LockerGoga
Malware
Botnet/malware group Ransomware, Wiper
Exploit kits
Services
Feature
Distribution vector
Target Norsk Hydro
Origin
Campaign
Operation/Working group
Vulnerability
CCProtocol
Date 2019 / 2019/03/20
Editor/Conference Cisco Talos Intelligence
Link https://blog.talosintelligence.com/2019/03/lockergoga.html (Archive copy)
Author Nick Biasini
Type Blogpost

Abstract

Some of the later versions of LockerGoga, while still employing the same encryption, have also been observed forcibly logging the victim off of the infected systems and removing their ability to log back in to the system following the encryption process. The consequence is that in many cases, the victim may not even be able to view the ransom note, let alone attempt to comply with any ransom demands. These later versions of LockerGoga could then be described as destructive.

Bibtex

 @misc{Biasini2019BFR5358,
   editor = {Cisco Talos Intelligence},
   author = {Nick Biasini},
   title = {Ransomware or Wiper? LockerGoga Straddles the Line},
   date = {20},
   month = Mar,
   year = {2019},
   howpublished = {\url{https://blog.talosintelligence.com/2019/03/lockergoga.html}},
 }