525, Gangnam-daero, Seocho-gu, Seoul, Republic of Korea l Tel :822-3448-0880 l Fax : 822-3448-0804 l Email : jsshim@truecut.co.kr
Copyright (C) 2015 TrueCut Security, Inc. All Right Reserved.
Title | Todays Ransomware - BlackBit | ||||
---|---|---|---|---|---|
Name | Operator | Date | 2023-04-18 | View | 254 |
File | Today ransomware_Blackbit.pdf | ||||
It has been confirmed that BlackBit ransomware disguised as svchost.exe, an MS NT host process, is being distributed. svchost.exe is the generic host process for handling background services in Windows NT. It has been also confirmed that Blackbit Ransomware performs various preparation tasks such as △maintaining the continuity of the attack △preventing recovery △securing information leakage path △terminating some processes before performing encryption. As a result of obtaining and testing the this ransomware, it was confirmed that the attack of this ransomware was defended by trueEP's malicious behavior prevention algorithm. |