GoldenEye ransomware attack affecting the cyber world
GoldenEye is the latest ransomware campaign that is unfolding worldwide. Bitdefender has preliminary information showing that the malware sample responsible for the infection is an almost identical clone of the GoldenEye ransomware family.
Unlike most ransomware, the new GoldenEye variant has two layers of encryption: one that individually encrypts target files on the computer and another that encrypts NTFS structures. This approach prevents victims from booting their computers into a live OS environment to retrieve stored information or samples.
Just like Petya, GoldenEye encrypts the entire hard disk drive and denies the user access to the computer. However, unlike Petya, there is no workaround to help victims retrieve the decryption keys from the computer.
Additionally, after the encryption process is complete, the ransomware has a specialized routine that forcefully crashes the computer to trigger a reboot that renders the computer unusable until the $300 ransom is paid. The attack started today in Ukraine, Russia and Romania and we already see payments being made by infected users. Companies and government institutions are among the affected entities.
Bitdefender blocks the currently known samples of the new GoldenEye variant. If you are running a Bitdefender security solution for consumer or business, your computers are not in danger.