Ransomware or Wiper? LockerGoga Straddles the Line

From Botnets.fr
Revision as of 11:10, 23 March 2019 by Eric.freyssinet (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

(Publication) Link to the old Wiki page : [1] / Google search: [2]

Ransomware or Wiper? LockerGoga Straddles the Line
Botnet LockerGoga
Botnet/malware group Ransomware, Wiper
Exploit kits
Distribution vector
Target Norsk Hydro
Operation/Working group
Date 2019 / 2019/03/20
Editor/Conference Cisco Talos Intelligence
Link https://blog.talosintelligence.com/2019/03/lockergoga.html (Archive copy)
Author Nick Biasini
Type Blogpost


Some of the later versions of LockerGoga, while still employing the same encryption, have also been observed forcibly logging the victim off of the infected systems and removing their ability to log back in to the system following the encryption process. The consequence is that in many cases, the victim may not even be able to view the ransom note, let alone attempt to comply with any ransom demands. These later versions of LockerGoga could then be described as destructive.


   editor = {Cisco Talos Intelligence},
   author = {Nick Biasini},
   title = {Ransomware or Wiper? LockerGoga Straddles the Line},
   date = {20},
   month = Mar,
   year = {2019},
   howpublished = {\url{https://blog.talosintelligence.com/2019/03/lockergoga.html}},