New ransomware ‘Sodin’ targeting Microsoft’s Windows OS identified, Asia most affected | HT Tech

New ransomware ‘Sodin’ targeting Microsoft’s Windows OS identified, Asia most affected

The researchers found that most targets of Sodin ransomware were found in the Asian region: 17.6 per cent of attacks have been detected in Taiwan, 9.8 per cent in Hong Kong and 8.8 per cent in the Republic of Korea.

By: INDO ASIAN NEWS SERVICE
| Updated on: Jul 07 2019, 18:14 IST
New ransomware that exploits Windows flaw identified
New ransomware that exploits Windows flaw identified (AP)
New ransomware that exploits Windows flaw identified
New ransomware that exploits Windows flaw identified (AP)

Researchers at cybersecurity firm Kaspersky have uncovered new encryption ransomware named Sodin which exploits a recently discovered Windows vulnerability to get elevated privileges in an infected system.

The ransomware takes advantage of the architecture of the central processing unit (CPU) to avoid detection - functionality that is not often seen in ransomware.

"Ransomware is a very popular type of malware, yet it's not often that we see such an elaborate and sophisticated version: using the CPU architecture to fly under the radar is not a common practice for encryptors," said Fedor Sinitsyn, a security researcher at Kaspersky.

"We expect a rise in the number of attacks involving the Sodin encryptor, since the amount of resources that are required to build such malware is significant. Those who invested in the malware's development definitely expect if to pay off handsomely," Sinitsyn added.

The researchers found that most targets of Sodin ransomware were found in the Asian region: 17.6 per cent of attacks have been detected in Taiwan, 9.8 per cent in Hong Kong and 8.8 per cent in the Republic of Korea.

However, attacks have also been observed in Europe, North America and Latin America, Kaspersky said, adding that the ransomware note left on infected PCs demands $2500 worth of Bitcoin from each victim.

The vulnerability CVE-2018-8453 that the ransomware uses was earlier found to be exploited by the FruityArmor hacking group. The vulnerability was patched on October 10, 2018, Kaspersky said.

To avoid falling victim to Sodin threats, make sure that the software used in your company is regularly updated to the most recent versions, said Kaspersky researchers.

Security products with vulnerability assessment and patch management capabilities may help to automate these processes, they added.

Catch all the Latest Tech News, Mobile News, Laptop News, Gaming news, Wearables News , How To News, also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 07 Jul, 18:14 IST
NEXT ARTICLE BEGINS