TrueCut Security,Inc.

Next_Gen Endpoint Protection
trueEP

News

최신뉴스
Title Todays Ransomware - BlackBit
Name Operator Date 2023-04-18 View 254
File 파일 Today ransomware_Blackbit.pdf

It has been confirmed that BlackBit ransomware disguised as svchost.exe, an MS NT host process, is being distributed.

svchost.exe is the generic host process for handling background services in Windows NT.


It has been also confirmed that Blackbit Ransomware performs various preparation tasks such as 

△maintaining the continuity of the attack △preventing recovery △securing information leakage path 

△terminating some processes before performing encryption.


As a result of obtaining and testing the this ransomware, 

it was confirmed that the attack of this ransomware was defended by trueEP's malicious behavior prevention algorithm.


이전글   다음글