Palo Alto Networks cybersecurity experts: The malware uses AES-256 and RSA-2048 to encrypt files, and the ransom note includes 2 email addresses to contact for payment.
Palo Alto Networks cyber security experts: The malware was configured to overwrite the master boot record (MBR), and contains network-spreading functionality.
Netscout cyber security experts: The cryptojacking and DDoS malware includes additional tools and a port to the operating system. The bot supports TCP, UDP, ICMP, and HTTP-based attacks.
Palo Alto Networks cyber security experts: Malicious code exploits multiple vulnerabilities to spread. In addition, it can steal info, launch DDoS attacks and perform cryptojacking.
Palo Alto Networks cyber security experts identified a Hub account, azurenql, that was hosting six malicious images intended to mine the cryptocurrency. They have been pulled more than two million times.
Palo Alto Networks cyber security experts: Over 300 coronavirus-themed malicious code samples communicated with 20 unique IP addresses and domain indicators of compromise (IOCs).
Palo Alto Networks cyber security experts: The latest Mirai variant contains a total of 71 unique exploits; 13 of these vulnerabilities haven’t previously been seen exploited.
Palo Alto Networks cyber security experts: Malware variants are distributed because web servers are not updated and patched, and through WordPress vulnerabilities.