{"id":4178,"date":"2019-11-18T11:42:07","date_gmt":"2019-11-18T10:42:07","guid":{"rendered":"https:\/\/www.retarus.com\/blog\/it\/?p=4178"},"modified":"2021-08-20T10:13:50","modified_gmt":"2021-08-20T08:13:50","slug":"company-servers-fall-prey-to-unusual-new-ransomware","status":"publish","type":"post","link":"https:\/\/www.retarus.com\/blog\/it\/company-servers-fall-prey-to-unusual-new-ransomware\/","title":{"rendered":"Company servers fall prey to unusual new ransomware"},"content":{"rendered":"\n<p>A new ransomware campaign specifically targeting enterprise servers has been discovered by security researchers. The technology employed by the criminals indicates the involvement of notorious cyber gangsters.<\/p>\n\n\n\n<p>The new malware first attracted the\nattention of security analysts at Intezer and IBM\u2019s X-Force. The experts have named\nit \u201cPureLocker\u201d because it has been coded in PureBasic, <a href=\"https:\/\/www.zdnet.com\/article\/this-unusual-new-ransomware-is-going-after-servers\/\">as\nreported on \u201cZDNet\u201d<\/a>. On the one hand PureBasic occasionally makes it more\ndifficult to create dependable detection signatures, while on the other the\nprogramming language functions across the Windows, Linux and macOS platforms.<\/p>\n\n\n\n<p>&#8220;Targeting servers means the attackers\nare trying to hit their victims where it really hurts, especially databases\nwhich store the most critical information of the organization,&#8221; the\narticle cites Michael Kajiloti, a security researcher at Intezer, as saying. <\/p>\n\n\n\n<p>In the \u201cPureLocker\u201d source code, the\nexperts have found traces of the highly significant \u201cmore_eggs\u201d backdoor\nmalware. These same tools have recently been used by some of the most cunning\ncyber rings, including the Cobalt Gang and FIN6, the report adds.<\/p>\n\n\n\n<p>How exactly \u201cPureLocker\u201d is delivered to its victims, is not entirely clear yet. With \u201cmore_eggs\u201d, at any rate, phishing emails serve as the initial vector of attack. This could also be true in the case of \u201cPureLocker\u201d, where the final payload is most likely sent as the last step in an attack carried out in multiple stages.<\/p>\n\n\n\n<p>In times when such sophisticated, targeted, costly cyber attacks may strike at any moment, ongoing <a href=\"https:\/\/www.retarus.com\/blog\/it\/user-education-tips-email-security\/\">sensitization of staff<\/a> is as indispensible as powerful technical protection for the company\u2019s email infrastructure. Retarus\u2019 <a href=\"https:\/\/www.retarus.com\/it\/services\/email-security\/\">Secure Email Platform<\/a> provides an <a href=\"https:\/\/www.retarus.com\/press\/retarus-bolsters-its-email-security-services-with-innovative-new-functions\/\">effective phishing filter<\/a>, amongst many other essential services. Find out more about our services from our website or directly from your <a href=\"https:\/\/www.retarus.com\/it\/contact\/\">local Retarus representative<\/a>. <\/p>\n","protected":false},"excerpt":{"rendered":"<p>A new ransomware campaign specifically targeting the encryption of enterprise servers has been discovered by security researchers. The technology employed by the criminals indicates the involvement of notorious cyber gangsters.<\/p>\n","protected":false},"author":14,"featured_media":4180,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_et_pb_use_builder":"off","_et_pb_old_content":"","_et_gb_content_width":"","footnotes":""},"categories":[8,15],"tags":[102,416,198],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v22.5 (Yoast SEO v22.5) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Company servers fall prey to unusual new ransomware - Retarus Corporate Blog - IT<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.retarus.com\/blog\/it\/company-servers-fall-prey-to-unusual-new-ransomware\/\" \/>\n<meta property=\"og:locale\" content=\"it_IT\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Company servers fall prey to unusual new ransomware\" \/>\n<meta property=\"og:description\" content=\"A new ransomware campaign specifically targeting the encryption of enterprise servers has been discovered by security researchers. The technology employed by the criminals indicates the involvement of notorious cyber gangsters.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.retarus.com\/blog\/it\/company-servers-fall-prey-to-unusual-new-ransomware\/\" \/>\n<meta property=\"og:site_name\" content=\"Retarus Corporate Blog - IT\" \/>\n<meta property=\"article:published_time\" content=\"2019-11-18T10:42:07+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-08-20T08:13:50+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.retarus.com\/blog\/it\/wp-content\/uploads\/sites\/27\/2019\/11\/shutterstock_1080406295.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1280\" \/>\n\t<meta property=\"og:image:height\" content=\"721\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Thomas Cloer\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Scritto da\" \/>\n\t<meta name=\"twitter:data1\" content=\"Thomas Cloer\" \/>\n\t<meta name=\"twitter:label2\" content=\"Tempo di lettura stimato\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minuti\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.retarus.com\/blog\/it\/company-servers-fall-prey-to-unusual-new-ransomware\/\",\"url\":\"https:\/\/www.retarus.com\/blog\/it\/company-servers-fall-prey-to-unusual-new-ransomware\/\",\"name\":\"Company servers fall prey to unusual new ransomware - Retarus Corporate Blog - IT\",\"isPartOf\":{\"@id\":\"https:\/\/www.retarus.com\/blog\/it\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.retarus.com\/blog\/it\/company-servers-fall-prey-to-unusual-new-ransomware\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.retarus.com\/blog\/it\/company-servers-fall-prey-to-unusual-new-ransomware\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.retarus.com\/blog\/it\/wp-content\/uploads\/sites\/27\/2019\/11\/shutterstock_1080406295.png\",\"datePublished\":\"2019-11-18T10:42:07+00:00\",\"dateModified\":\"2021-08-20T08:13:50+00:00\",\"author\":{\"@id\":\"https:\/\/www.retarus.com\/blog\/it\/#\/schema\/person\/7f8954d8bf84d75cf384942c5f6cf2e5\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.retarus.com\/blog\/it\/company-servers-fall-prey-to-unusual-new-ransomware\/#breadcrumb\"},\"inLanguage\":\"it-IT\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.retarus.com\/blog\/it\/company-servers-fall-prey-to-unusual-new-ransomware\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"it-IT\",\"@id\":\"https:\/\/www.retarus.com\/blog\/it\/company-servers-fall-prey-to-unusual-new-ransomware\/#primaryimage\",\"url\":\"https:\/\/www.retarus.com\/blog\/it\/wp-content\/uploads\/sites\/27\/2019\/11\/shutterstock_1080406295.png\",\"contentUrl\":\"https:\/\/www.retarus.com\/blog\/it\/wp-content\/uploads\/sites\/27\/2019\/11\/shutterstock_1080406295.png\",\"width\":1280,\"height\":721},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.retarus.com\/blog\/it\/company-servers-fall-prey-to-unusual-new-ransomware\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.retarus.com\/blog\/it\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Company servers fall prey to unusual new ransomware\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.retarus.com\/blog\/it\/#website\",\"url\":\"https:\/\/www.retarus.com\/blog\/it\/\",\"name\":\"Retarus Corporate Blog - IT\",\"description\":\"Sempre aggiornati\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.retarus.com\/blog\/it\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"it-IT\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.retarus.com\/blog\/it\/#\/schema\/person\/7f8954d8bf84d75cf384942c5f6cf2e5\",\"name\":\"Thomas Cloer\",\"url\":\"https:\/\/www.retarus.com\/blog\/it\/author\/thomasc\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Company servers fall prey to unusual new ransomware - Retarus Corporate Blog - IT","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.retarus.com\/blog\/it\/company-servers-fall-prey-to-unusual-new-ransomware\/","og_locale":"it_IT","og_type":"article","og_title":"Company servers fall prey to unusual new ransomware","og_description":"A new ransomware campaign specifically targeting the encryption of enterprise servers has been discovered by security researchers. The technology employed by the criminals indicates the involvement of notorious cyber gangsters.","og_url":"https:\/\/www.retarus.com\/blog\/it\/company-servers-fall-prey-to-unusual-new-ransomware\/","og_site_name":"Retarus Corporate Blog - IT","article_published_time":"2019-11-18T10:42:07+00:00","article_modified_time":"2021-08-20T08:13:50+00:00","og_image":[{"width":1280,"height":721,"url":"https:\/\/www.retarus.com\/blog\/it\/wp-content\/uploads\/sites\/27\/2019\/11\/shutterstock_1080406295.png","type":"image\/png"}],"author":"Thomas Cloer","twitter_card":"summary_large_image","twitter_misc":{"Scritto da":"Thomas Cloer","Tempo di lettura stimato":"2 minuti"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.retarus.com\/blog\/it\/company-servers-fall-prey-to-unusual-new-ransomware\/","url":"https:\/\/www.retarus.com\/blog\/it\/company-servers-fall-prey-to-unusual-new-ransomware\/","name":"Company servers fall prey to unusual new ransomware - Retarus Corporate Blog - IT","isPartOf":{"@id":"https:\/\/www.retarus.com\/blog\/it\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.retarus.com\/blog\/it\/company-servers-fall-prey-to-unusual-new-ransomware\/#primaryimage"},"image":{"@id":"https:\/\/www.retarus.com\/blog\/it\/company-servers-fall-prey-to-unusual-new-ransomware\/#primaryimage"},"thumbnailUrl":"https:\/\/www.retarus.com\/blog\/it\/wp-content\/uploads\/sites\/27\/2019\/11\/shutterstock_1080406295.png","datePublished":"2019-11-18T10:42:07+00:00","dateModified":"2021-08-20T08:13:50+00:00","author":{"@id":"https:\/\/www.retarus.com\/blog\/it\/#\/schema\/person\/7f8954d8bf84d75cf384942c5f6cf2e5"},"breadcrumb":{"@id":"https:\/\/www.retarus.com\/blog\/it\/company-servers-fall-prey-to-unusual-new-ransomware\/#breadcrumb"},"inLanguage":"it-IT","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.retarus.com\/blog\/it\/company-servers-fall-prey-to-unusual-new-ransomware\/"]}]},{"@type":"ImageObject","inLanguage":"it-IT","@id":"https:\/\/www.retarus.com\/blog\/it\/company-servers-fall-prey-to-unusual-new-ransomware\/#primaryimage","url":"https:\/\/www.retarus.com\/blog\/it\/wp-content\/uploads\/sites\/27\/2019\/11\/shutterstock_1080406295.png","contentUrl":"https:\/\/www.retarus.com\/blog\/it\/wp-content\/uploads\/sites\/27\/2019\/11\/shutterstock_1080406295.png","width":1280,"height":721},{"@type":"BreadcrumbList","@id":"https:\/\/www.retarus.com\/blog\/it\/company-servers-fall-prey-to-unusual-new-ransomware\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.retarus.com\/blog\/it\/"},{"@type":"ListItem","position":2,"name":"Company servers fall prey to unusual new ransomware"}]},{"@type":"WebSite","@id":"https:\/\/www.retarus.com\/blog\/it\/#website","url":"https:\/\/www.retarus.com\/blog\/it\/","name":"Retarus Corporate Blog - IT","description":"Sempre aggiornati","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.retarus.com\/blog\/it\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"it-IT"},{"@type":"Person","@id":"https:\/\/www.retarus.com\/blog\/it\/#\/schema\/person\/7f8954d8bf84d75cf384942c5f6cf2e5","name":"Thomas Cloer","url":"https:\/\/www.retarus.com\/blog\/it\/author\/thomasc\/"}]}},"_links":{"self":[{"href":"https:\/\/www.retarus.com\/blog\/it\/wp-json\/wp\/v2\/posts\/4178"}],"collection":[{"href":"https:\/\/www.retarus.com\/blog\/it\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.retarus.com\/blog\/it\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.retarus.com\/blog\/it\/wp-json\/wp\/v2\/users\/14"}],"replies":[{"embeddable":true,"href":"https:\/\/www.retarus.com\/blog\/it\/wp-json\/wp\/v2\/comments?post=4178"}],"version-history":[{"count":2,"href":"https:\/\/www.retarus.com\/blog\/it\/wp-json\/wp\/v2\/posts\/4178\/revisions"}],"predecessor-version":[{"id":5920,"href":"https:\/\/www.retarus.com\/blog\/it\/wp-json\/wp\/v2\/posts\/4178\/revisions\/5920"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.retarus.com\/blog\/it\/wp-json\/wp\/v2\/media\/4180"}],"wp:attachment":[{"href":"https:\/\/www.retarus.com\/blog\/it\/wp-json\/wp\/v2\/media?parent=4178"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.retarus.com\/blog\/it\/wp-json\/wp\/v2\/categories?post=4178"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.retarus.com\/blog\/it\/wp-json\/wp\/v2\/tags?post=4178"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}