Ransomware or Wiper? LockerGoga Straddles the Line

From Botnets.fr
Revision as of 10:10, 23 March 2019 by Eric.freyssinet (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

(Publication) Link to the old Wiki page : [1] / Google search: [2]

Ransomware or Wiper? LockerGoga Straddles the Line
Botnet LockerGoga
Malware
Botnet/malware group Ransomware, Wiper
Exploit kits
Services
Feature
Distribution vector
Target Norsk Hydro
Origin
Campaign
Operation/Working group
Vulnerability
CCProtocol
Date 2019 / 2019/03/20
Editor/Conference Cisco Talos Intelligence
Link https://blog.talosintelligence.com/2019/03/lockergoga.html (Archive copy)
Author Nick Biasini
Type Blogpost

Abstract

Some of the later versions of LockerGoga, while still employing the same encryption, have also been observed forcibly logging the victim off of the infected systems and removing their ability to log back in to the system following the encryption process. The consequence is that in many cases, the victim may not even be able to view the ransom note, let alone attempt to comply with any ransom demands. These later versions of LockerGoga could then be described as destructive.

Bibtex

 @misc{Biasini2019BFR5358,
   editor = {Cisco Talos Intelligence},
   author = {Nick Biasini},
   title = {Ransomware or Wiper? LockerGoga Straddles the Line},
   date = {20},
   month = Mar,
   year = {2019},
   howpublished = {\url{https://blog.talosintelligence.com/2019/03/lockergoga.html}},
 }