The ACCDFISA malware family – Ransomware targetting Windows servers

From Botnets.fr

Botnet: Accdfisa
Date: 2012 / 11 April 2012
Editor/Conference: Emsisoft Lab
Link: http://blog.emsisoft.com/2012/04/11/the-accdfisa-malware-family-ransomware-targetting-windows-servers/ (blog.emsisoft.com, archive copy)

Abstract

A few weeks ago our colleagues over at BleepingComputer approached us asking for help with a recent malware outbreak that specifically targets Windows servers. Several companies as well as individuals found their servers being locked by a malware that claims to originate from the “Anti Cyber Crime Department of Federal Internet Security Agency” or short “ACCDFISA”. Of course such an institution does not exist and even if it did, it surely wouldn’t ask the owner of the server to submit a certain dollar amount using PaySafeCard or MoneyPak codes. The affected servers fell prey to a new malware family that is currently on the loose.

The ACCDFISA malware family belongs to a malware category called “ransomware”. Ransomware is a special kind of malware that takes a system and its data hostage in an attempt to extort money from its owner in exchange for returning control back to him. What makes the ACCDFISA family special is the unorthodox way in which systems get infected as well as how various third party tools are used to accomplish the malware family’s goals.

Bibtex

 @misc{2012BFR995,
   editor = {Emsisoft Lab},
   author = {},
   title = {The ACCDFISA malware family – Ransomware targetting Windows servers},
   date = {11},
   month = apr,
   year = {2012},
   howpublished = {\url{http://blog.emsisoft.com/2012/04/11/the-accdfisa-malware-family-ransomware-targetting-windows-servers/}},
 }