Let me remind you that we also wrote that cybercriminals attacked the UHS healthcare network, and that the data of 2 million patients leaked due to the hack of Shields Health Care Group.
According to Stairwell analysts, whose research was the basis for the warning issued by the authorities, Maui is deployed manually in victims' networks, and the malware operators target the specific files that they want to encrypt.
In addition, Maui does not leave any ransom messages or data recovery instructions on encrypted machines.
Maui uses a combination of AES, RSA and XOR for the encryption process: files are encrypted with AES using a unique key, which is then encrypted with the RSA key pair generated when the malware is first run, and then the RSA public key is encrypted using another, hardcoded RSA public key.
US officials believe that this campaign is based on the willingness of medical institutions to pay a ransom, as they need to quickly recover from an attack and ensure uninterrupted access to critical data and services, because people’s lives and health depend on them.