2017 was the year that ransomware and its true impact became public knowledge. With widespread attacks like WannaCry and NotPetya grabbing eyeballs for all the wrong reasons, ransomware attacks have become a deadly threat for various organisations. Let's take a look at the most virulent attacks from this year!
This article is a continuation of the previous post. Some deeper investigation has been done, which is reported in this article.
Sample: 593bbcc8f34047da9960b8456094c0eaf69caaf16f1626b813484207df8bd8af
The sample has all three bitcoin addresses hard-coded in the malware. All three wallet addresses are embedded to ensure that, in case one address cannot process the payment, the other wallet addresses will be used.
The recent ransomware cyber attack, which goes by the name “WannaCry”, has affected more than 99 countries. This attack is believed to use the exploit tool called “ETERNALBLUE”, which was leaked from the NSA by the hacker group called ShadowBrokers.