What should we do if we become victims of ransomware?
1. What is ransomware and what impact does it have? In this article, we will explore how to proceed in the event that our systems have been compromised by ransomware, something that has become quite common in recent times. Ransomware is defined as a type of malicious program (malware) that encrypts the computer data of infected machines and demands a ransom payment, usually in cryptocurrencies (Bitcoin, Monero, etc.), in exchange for removing this restriction and restoring data access to the victim. A ransomware attack can result in significant financial losses for companies. If they don’t have recovery plans in place …
Remote Desktop Attacks – Ransomware Entry
1. Introduction and Objectives In this article, we will briefly explain the methodology employed by certain criminal groups to gain access to computer systems by exploiting their Remote Desktop Services (RDP). This methodology for installing various types of malware has been observed in a large number of forensic analyses of ransomware attacks, and it’s not surprising considering the ease and nature of exploitation, as we will see throughout this article. To follow along, you will need to have at least basic knowledge of brute force tools and exploit launching. We will be using Kali Linux as the attacking machine. 2. …