
New Ransomware: CERT issues high-level alert

24 May 2020 11:54 am

A new ransomware threat poses a high-level risk to companies and individuals worldwide, the Computer Emergency Readiness Team (SLCERT) has warned.

Issuing a notice, the SLCERT said Sodinokibi, also known as REvil, is the name of a family of advanced ransomware.

“It encrypts (makes files and folders unreadable) important files in various formats and demands a ransom to decrypt (make files and folders readable) them,” an official at the SLCERT said.

The SLCERT said Sodinokibi was observed propagating itself by exploiting a vulnerability in Oracle WebLogic Server (CVE-2019-2725).

Later, cyber-criminal groups further propagated this ransomware through infected email attachments (macros), torrent websites, phishing, and infected links spread through online advertisements, among other channels.

It was first reported in Asia but it is now a worldwide threat, they said.

The attackers deliver a ransom note through a text (.txt) file and/or a message that appears on the victim’s computer screen. To decrypt data, the attackers ask users to visit their website using one of the two links provided, one of which has to be opened using the Tor browser and the other with commonly used browsers. Victims have to provide the key and extension name included in the ransom message. The victim is then informed of the payment details and the instructions to be followed.

Sodinokibi has attacked a wide array of companies, including telecommunication service providers, law firms and IT services, causing service disruptions and information losses.

Further, it has targeted celebrities and prominent individuals, threatening to release their sensitive information online.

“After the attack, it will lose important files and documents of the victim company’s data. They could expose confidential information to unauthorized parties. They may result in a complete or partial shutdown of your company’s operations, they may damage your company’s reputation or create financial losses,” CERT said.

Therefore, the SLCERT requests people not to download files from suspicious sources or click on suspicious links, and not to download decryption tools from suspicious sources.

“The CERT requests users to make multiple backups of data regularly, and keep them offline and/or store off-site,” it said.

“CERT requests to increase the security of backup with additional ransomware protection software and to update and install the latest security patches on installed third-party software,” the official said.

Users should keep their virus guards and operating systems up to date and monitor the latest malware infections and patterns.

If any computers are infected by Sodinokibi, it is better to isolate the infected computers from the network.

The payment of ransom is not recommended since there is no guarantee that you will get your data back, the SLCERT added. (Chaturanga Samarawickrama)


  Comments - 1

  • BigEars Sunday, 24 May 2020 01:05 PM

    Do not open or send attachments from unknown addresses. Sri Lankans are great at sharing with no creativity.

