Dead System Admin's Credentials Used for Ransomware Attack :

Dead System Admin's Credentials Used for Ransomware Attack


Get Permission
The operators of the Nefilim ransomware used the credentials of a deceased system administrator to plant their crypto-locking malware in about 100 vulnerable systems during one attack, according to a recent report published by security firm Sophos.
Nefilim, which is also known as Nemty, is a relatively new ransomware variant; its operators target organizations with unpatched or poorly secured Citrix remote access technology. In December 2020, the ransomware was tied to an attack that targeted appliance maker Whirlpool (see:
The criminal gang's use of the credentials that belonged to a deceased system administrator caught the attention of the Sophos researchers.

Related Keywords

Australia , Australian , Ransomware Attacksophos , Dangerprajeet Nair , Nefilim Ransomware , Toll Group , Sophos , Fraud Management , System Admin , Credentials Used , Ghost Accounts Present , Potential Security Dangerprajeet Nair , Menlo Security Protecting Against Email Based , Whirlpool Hit With Ransomware Attack , Microsoft Bitlocker , Fortiguard Labs , Nefilim Ransomware Gang Tied , Citrix Gateway Hacks , ஆஸ்திரேலியா , ஆஸ்திரேலிய , சுங்கவரி குழு , சோபோஸ் , மோசடி மேலாண்மை , சான்றுகளை பயன்படுத்தப்பட்டது , பேய் கணக்குகள் ப்ரெஸெஂட் , மென்லோ பாதுகாப்பு ப்ரொடெக்டிஂக் எதிராக மின்னஞ்சல் அடிப்படையிலானது , சிட்ரிக்ஸ் நுழைவாயில் ஹேக்ஸ் ,

© 2025 Vimarsana