Triton targets the industrial control systems made by Schneider Electric, which are used in 18,000 different plants around the world.
The attack targeted the computer’s UEFI, which stands for Unified Extensible Firmware Interface, and is used to boot up the system. By re-writing the UEFI, the malware can persist inside the computer’s flash memory, allowing it to survive operating system re-installs and hard disk replacements.
Malware threats come without warning and can wreak havoc on an environment. If a user’s device or information is compromised, he or she may have to wait for IT to rectify the issue. Part of the waiting process is determining which type of threat is causing harm.
Android.Banker.L — combines the functionality of banking Trojans, keyloggers and ransomware to compromise victim devices and steal data. As reported by Quick Heal, the latest…
In a camera-ready twist, the demand for ransom actually did come in the form of an analog note. Users were instructed to turn on their printers, which promptly spat out a demand for a “licensing fee” of $189 to be paid …
From the looks of images being posted across social media, the ransomware note is in English and demands $300 in Bitcoin, similar to the WannaCry ransom.
We are obviously researching malware and system vulnerabilities, both those that have existed and those emerging. The recent cyber attacks have been an eye-opener for us here at cod.e
After finding the reference to this domain in the Trojan’s code, the researcher registered the domain, thus suspending the attack. In the remainder of the day, the domain was contacted tens of thousands of times, which means that tens of thousands of computers were spared.
The attack started on Friday, 12 May 2017, infecting more than 230,000 computers in 150 countries, with the software demanding, in 28 languages, ransom payments in the cryptocurrency Bitcoin.
The hack tricks unsuspecting users into opening infected Word documents which subsequently run malicious macros once the file has been loaded.