Source |
CodingSec |
Identifiant |
3629 |
Date de publication |
2016-07-04 18:50:03 (vue: 2016-07-04 18:50:03) |
Titre |
New Ransomware ‘Satana’ Prevents Your PC from Starting By Encrypting Your Boot Record |
Texte |
Malicious attackers are now working on a new ransomware that messes with your master boot record (MBR), like the Petya did last March. Called Satana (“Satan” in few Romance languages), this ransomware is a mixture of both Petya and classic ransomware. Satana encrypts your files using the same old methods other ransomware families use. For every encrypted file, Satana prepends the attacker’s email address to each file like: “email@domain.com__filename.extension”. This ransomware encrypts the MBR and then replaces with its own. When a user reboots his computer for the first time, Satana’s MBR boot code loads and the computer won’t start and shows Satana’s ransom note. According to |
Envoyé |
Oui |
Condensat |
“email@domain according address appeared are  now working attacker’s  email attackers boot both petya called classic code coding com computer did each encrypting encrypts every encrypted extension” families file filename files first from his its languages last like like: loads malicious march master mbr messes methods mixture new note old other own petya post prepends prevents ransom ransomware ransomware encrypts reboots record replaces romance same satana satana’s security shows start starting then the first time use user using when won’t your |
Tags |
|
Stories |
|
Notes |
|
Move |
|