See also 10 dangerous app vulnerabilities to watch out for (free PDF) The operators of the RagnarLocker ransomware are installing the VirtualBox app and running virtual machines on computers they infect in order to run their ransomware in a “safe” environment, outside the reach of local antivirus software.This latest trick has been spotted and detailed today by UK cyber-security firm Sophos and shows the creativity and great lengths some ransomware gangs will go to avoid detection while attacking a victim.What’s RagnarLocker?Avoiding detection is crucial because RagnarLocker is not your typical ransomware gang. They’re a group that carefully selects targets, avoiding home consumers, and goes after corporate networks and government organizations only.Sophos says the group has targeted victims in the past by abusing internet-exposed RDP endpoints and has compromised MSP (managed service provider) tools to breach companies and gain access to their internal networks.On these networks, the RagnarLocker group deploys a version of their ransomware — customized per each victim — and then demands an astronomical decryption fee in the tune of tens and hundreds of thousands of US dollars. Because each of these carefully planned intrusions represents a chance to earn large amounts of money, the RagnarLocker group has put… Read full this story
- What Is a Virtual Machine? Everything You Need to Know
- 5 Ways to Safely Test Your Antivirus Software
- The 7 Best Truly Free Antivirus Software for Mac
- How to Create a Virtual Machine Using Windows 10 Hyper-V
- VirtualBox vs. VMware Player: The Best Virtual Machine for Windows
- Found a Suspicious File? Test It In A Virtual Machine!
- Create a Virtual Machine Clone of Your Existing Windows Hard Drive
- How to Install Linux in Windows With a VMware Virtual Machine
- How to Set Up a Windows Virtual Machine in Linux
- Dual Boot vs. Virtual Machine: Which One Is Right for You?
Ransomware deploys virtual machines to hide itself from antivirus software have 310 words, post on www.zdnet.com at May 22, 2020. This is cached page on IT Breaking News. If you want remove this page, please contact us.