Blog | G5 Cyber Security

Magnitude exploit kit switches to GandCrab ransomware

Magnitude EK is now using a fileless technique to load the GandCrab ransomware. The payload is encoded and embedded in a scriptlet that is later decoded in memory and executed. A ransom note is left with instructions on the next steps required to recover those files. Malwarebytes users are protected against this attack when either the Internet Explorer (CVE-2016-0189) or Flash Player (CRAB) exploits are fired. The latest version cannot be decrypted at the moment.

Source: https://blog.malwarebytes.com/threat-analysis/2018/04/magnitude-exploit-kit-switches-gandcrab-ransomware/
