Dorifel crypto malware paralyzes Dutch companies and public sector
Dorifel crypto malware paralyzes Dutch companies and public sector | |
---|---|
Botnet | Citadel, Dorifel |
Malware | |
Botnet/malware group | |
Exploit kits | |
Services | |
Feature | |
Distribution vector | Citadel |
Target | |
Origin | |
Campaign | |
Operation/Working group | |
Vulnerability | |
CCProtocol | |
Date | 2012 / Aug 09, 2012 |
Editor/Conference | Emsisoft |
Link | http://blog.emsisoft.com/2012/08/09/dorifel-crypto-malware-paralyzes-dutch-companies-and-public-sector/ |
Author | |
Type | |
Abstract
“Systems in the Netherlands are currently being hit hard by a new wave of crypto malware named “Trojan-Ransom.Win32.Dorifel”. Based on press reports as well as our own telemetry gathered through our Emsisoft Anti-Malware Network thousands of Dutch systems are already infected. The majority of them located in government, public sector or company networks.
Based on preliminary research “Dorifel” usually enters new networks and systems through the use of a different malware: “Citadel”. “Citadel” belongs to the family of financial malware and is closely related to the “ZeuS” bot family. It comes to no surprise that this isn’t the first time that the “Citadel” bot net is used to infect systems with different malware. Just a few weeks ago at the beginning of July “Citadel” was used to infect tens of thousands of PCs with the “Reveton” ransomware.”
Bibtex
@misc{2012BFR1079,
  editor = {Emsisoft},
  author = {},
  title = {Dorifel crypto malware paralyzes Dutch companies and public sector},
  date = {09},
  month = Aug,
  year = {2012},
  howpublished = {\url{http://blog.emsisoft.com/2012/08/09/dorifel-crypto-malware-paralyzes-dutch-companies-and-public-sector/}},
}