Ragnar Locker ransomware deploys virtual machine to dodge security

The_Librarian

Another MyBB
Super Moderator
Joined
Nov 20, 2015
Messages
26,777
A new ransomware attack method takes defense evasion to a new level—deploying as a full virtual machine on each targeted device to hide the ransomware from view. In a recently detected attack, Ragnar Locker ransomware was deployed inside an Oracle VirtualBox Windows XP virtual machine. The attack payload was a 122 MB installer with a 282 MB virtual image inside—all to conceal a 49 kB ransomware executable.
Link : https://news.sophos.com/en-us/2020/...re-deploys-virtual-machine-to-dodge-security/
 
Top