Dead System Admin's Credentials Used for Ransomware Attack

Get Permission
The operators of the Nefilim ransomware used the credentials of a deceased system administrator to plant their crypto-locking malware in about 100 vulnerable systems during one attack, according to a recent report published by security firm Sophos.
Nefilim, which is also known as Nemty, is a relatively new ransomware variant; its operators target organizations with unpatched or poorly secured Citrix remote access technology. In December 2020, the ransomware was tied to an attack that targeted appliance maker Whirlpool (see:
The criminal gang's use of the credentials that belonged to a deceased system administrator caught the attention of the Sophos researchers.

Related Keywords

Australia ,Australian ,Ransomware Attacksophos ,Dangerprajeet Nair ,Nefilim Ransomware ,Toll Group ,Sophos ,Fraud Management ,System Admin ,Credentials Used ,Ghost Accounts Present ,Potential Security Dangerprajeet Nair ,Menlo Security Protecting Against Email Based ,Whirlpool Hit With Ransomware Attack ,Microsoft Bitlocker ,Fortiguard Labs ,Nefilim Ransomware Gang Tied ,Citrix Gateway Hacks ,ஆஸ்திரேலியா ,ஆஸ்திரேலிய ,சுங்கவரி குழு ,சோபோஸ் ,மோசடி மேலாண்மை ,சான்றுகளை பயன்படுத்தப்பட்டது ,பேய் கணக்குகள் ப்ரெஸெஂட் ,மென்லோ பாதுகாப்பு ப்ரொடெக்டிஂக் எதிராக மின்னஞ்சல் அடிப்படையிலானது ,சிட்ரிக்ஸ் நுழைவாயில் ஹேக்ஸ் ,