HOW DARKRADIATION RANSOMWARE ATTACKS TARGETS LINUX AND DOCKER INSTANCES?
Security researchers have observed new ransomware dubbed as “DarkRadiation Ransomware” written in Bash script targets Linux and Docker Instances. For file encryption, ransomware uses OpenSSL‘s AES algorithm to encrypt the files in the directory.
* Targets Of DarkRadiation Ransomware Attacks:
* How Attackers Use DarkRadiation Ransomware Against Linux And Docker Instances?
* Indicators Of Compromise (IOCs) Of DarkRadiation Ransomware:
* File Hashes:
* C&C Server:
* Recommendation To Protect Against DarkRadiation Ransomware Attacks:
Table of Contents :
* Block all the IOCs on firewalls, web proxies, and EDR applications.
* Isolate the suspected machine for further analysis.
* Initiate the BCP plan
*Restore the data with clean backups.
* Avoid handling files or URL links in emails, chats, or shared folders from untrusted sources.
* Provide phishing awareness training to your employees/contractors.
* Keep Anti-malware solutions at the endpoint and network-level updated at all times.
* Deploy Endpoint Detection & Response (EDR) tools to detect the latest malware and suspicious activities on endpoints.
Recommendation To Protect Against DarkRadiation Ransomware Attacks:
Continue Reading .....