Top
item
Advertisement
image credit: Rawpixel

Uncommon infection and malware propagation methods

October 5, 2022

Via: Securelist
Category:

BlackBasta: a new propagation method

BlackBasta, the notorious ransomware we have written about before, recently received an update. It now has a second optional command line parameter: “-bomb”.

When that parameter is used, the malware does the following:

  1. сonnect to the AD using the LDAP library and obtain a list of machines on the network,
  2. using the list of machines, copy itself to each machine,
  3. using the Component Object Model (COM), run remotely on each machine.

Read More on Securelist

RELATED PUBLICATIONS

Dangerous ICS Malware Targets Orgs in Russia and Ukraine
Ukrainian Blackjack group used ICS malware Fuxnet against Russian targets
TA547 targets German organizations with Rhadamanthys malware

Latest Publications

Hackers Exploit OpenMetadata Flaws to Mine Crypto on Kubernetes
OpenAI’s GPT-4 can exploit real vulnerabilities by reading security advisories
Dangerous ICS Malware Targets Orgs in Russia and Ukraine
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!