Difference between revisions of "Ransomware report: the rise of BandarChor"
Jump to navigation
Jump to search
m (Eric.freyssinet moved page Ransomware Report: The Rise of BandarChor to Ransomware report: the rise of BandarChor without leaving a redirect) |
|||
| Line 7: | Line 7: | ||
|Author=FSLabs, | |Author=FSLabs, | ||
|Type=Blogpost | |Type=Blogpost | ||
|Abstract=This week, we have received a number of reports on yet another ransomware, BandarChor. | |||
This ransomware is not exactly fresh. The first infections that we've noticed related to this family came already last November. | |||
November | |||
We have had reports of BandarChor being spread via email and have seen indicators that it may have been distributed by exploit kits. | |||
Upon execution, the malware drops a copy of itself in Startup directory as well as the ransom notification image. | |||
}} | }} | ||
Latest revision as of 22:34, 10 August 2015
(Publication) Google search: [1]
| Ransomware report: the rise of BandarChor | |
|---|---|
| Botnet | BandarChor |
| Malware | |
| Botnet/malware group | |
| Exploit kits | |
| Services | |
| Feature | |
| Distribution vector | |
| Target | |
| Origin | |
| Campaign | |
| Operation/Working group | |
| Vulnerability | |
| CCProtocol | |
| Date | 2015 / 2015-03-06 |
| Editor/Conference | F-Secure |
| Link | https://www.f-secure.com/weblog/archives/00002795.html (Archive copy) |
| Author | FSLabs |
| Type | Blogpost |
Abstract
“ This week, we have received a number of reports on yet another ransomware, BandarChor.
This ransomware is not exactly fresh. The first infections that we've noticed related to this family came already last November.
November
We have had reports of BandarChor being spread via email and have seen indicators that it may have been distributed by exploit kits.
Upon execution, the malware drops a copy of itself in Startup directory as well as the ransom notification image.
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2015BFR4631,
editor = {F-Secure},
author = {FSLabs},
title = {Ransomware report: the rise of BandarChor},
date = {06},
month = Mar,
year = {2015},
howpublished = {\url{https://www.f-secure.com/weblog/archives/00002795.html}},
}