Skip to main content

'NamPoHyu Virus' Ransomware Targets Remote Samba Servers

posted onApril 17, 2019
by l33tdawg
Bleeping Computer
Credit: Bleeping Computer

A new ransomware family called NamPoHyu Virus or MegaLocker Virus is targeting victims a bit differently than other ransomware. Instead of an executable running on a victim's computer, the attacker is running the ransomware locally and having it remotely encrypt accessible Samba servers.

Ransomware infections are typically installed on the computer that will be encrypted, whether that be through other malware, malicious email attachments, or by the attackers hacking a computer or network.

This new ransomware is doing things differently by searching for accessible Samba servers, brute forcing the passwords, and then remotely encrypting their files and creating ransom notes.

Source

Tags

Security

You May Also Like

Recent News

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th