GandCrab Ransomware Found Hiding on Legitimate Websites

Discussion in '0-day Release' started by silversurfer, May 11, 2018.

  1. silversurfer

    silversurfer Malware Tester Silver Member

    The GandCrab ransomware continues to virulently spread and adapt to shifting cyber-conditions, most recently crawling back into relevance on the back of several large-scale spam campaigns.

    What’s interesting is that GandCrab payload was found hiding on legitimate but compromised websites. These, when analyzed, were found to be riddled with vulnerabilities stemming from outdated software, highlighting one of the biggest issues when it comes to the security of cyberspace.

    “Most small businesses aren’t aware that a new vulnerability has been released against a web framework and even if they did, most lack the expertise and time to be able to frequently update the software that the companies’ websites rely upon,” explained Cisco Talos researcher Nick Biasini, who, along with fellow researchers Nick Lister and Christopher Marczewski, examined the campaigns and published an analysis on Wednesday.

    Full Article:
    RGiskardR likes this.
  2. Google Adsense

Share This Page