Aug 302017
 

I mentioned this ransomware incident the other day, but now Catalin Cimpanu has a really good article with much detail about the ransomware and ransom demands, etc. You can read his report on BleepingComputer.

Catalin’s article answers one question I had posed about the NHS Lanarkshire incident – the ransomware is believed to be installed by attackers performing brute-force attacks on exposed RDP endpoints and then moving laterally on the network, installing Bit Paymer manually on each compromised system.

Sorry, the comment form is closed at this time.