• About
  • Advertise
  • Careers
  • Contact
Monday, February 6, 2023
No Result
View All Result
NEWSLETTER
Cyber360 News
  • Home
  • Security
  • Data Breach
  • Cyber Attacks
  • Cyber Security
  • Cyber Crime
  • Contact Us
  • Home
  • Security
  • Data Breach
  • Cyber Attacks
  • Cyber Security
  • Cyber Crime
  • Contact Us
No Result
View All Result
Cyber360 News
No Result
View All Result
Home Security

Latest Ransomware ‘Xwo’ Attacks PCs With Default Passwords

by Cyber360 News
November 11, 2019
in Security
0
Latest Ransomware ‘Xwo’ Attacks PCs With Default Passwords
0
SHARES
0
VIEWS
Share on FacebookShare on Twitter

Only a few days ago we alerted our users about ransomware called vxCrypt which improves your PC’s performance as it encrypts your file. However, another deadly malware called Xwo is the latest ransomware to make your online browsing experience perilous.

According to AT&T Alien Labs, Xwo is a different type of ransomware as it doesn’t encrypt your file but rather steals your credentials. The ransomware attacks computers with default credentials that can easily be broken.

jamf now

How Does The Latest Ransomware Work?

Latest ransomware Xwo working

Xwo is similar to another malware called Mongolock — which formats files and backups of the target PC. There is no concrete information about how Xwo started spreading, however, the ransomware mimics websites of news and cybersecurity firms. Xwo registers them under the domain name ‘.tk’ which stands for Tokelau, New Zealand.

Xwo scans the web for default credentials using MySQL, MongoDB, Postgre SQL, etc. Default credentials for Tomcat, an open-source Jawa container, were also reported to be unsafe. This ransomware sends the scanned credentials to the command center via an HTTP POST request.

Things To Look Out For

latest ransomware xwo precautions

Xwo ransomware gathers information about Git paths, Default SVN, Git Repository, PHP admin details and more. The latest malware is on a surveillance mission to gather information that could signal a large-scale attack in the future.

According to AT&T Alien labs, Cloudfare C2 servers were affected by Xwo malware. The threat to these servers has since been taken care of. But it is unlikely that the attackers will rest anytime soon.

jamf now

Usually, public access systems have defaults and weak credentials, thus restricted access to such terminals whenever they’re not in use is highly recommended.

Alien Labs has also released a list of malware indicators to minimize the threat of Xwo Ransomware.

A large-scale ransomware attack on the city of Albany in New York left the city administration crippled a few days back. A small medical center in Michigan was also shut down due to the ransomware attack.

With the addition of Xwo to the ever-expanding list of ransomware, users are advised to use strong passwords and keep offline backups of files.

Also Read: LockerGoga: The Dangerously Changing Face Of Ransomware
Cyber360 News

Cyber360 News

Next Post
Pirated Game Of Thrones Torrent Is Making Your PC Sick

Pirated Game Of Thrones Torrent Is Making Your PC Sick

Recent Posts

Twitch’s Entire Critical Data Leaked, Includes Streamer Earnings, Source Code

Twitch’s Entire Critical Data Leaked, Includes Streamer Earnings, Source Code

October 6, 2021
Former U.S. Security Firm Helped The UAE Carry Out “Karma” iMessage Hack: MIT Tech Review

Former U.S. Security Firm Helped The UAE Carry Out “Karma” iMessage Hack: MIT Tech Review

October 1, 2021
Facing “This App Has Been Blocked For Your Protection” Issue? Here’s How You Can Fix It

Facing “This App Has Been Blocked For Your Protection” Issue? Here’s How You Can Fix It

October 1, 2021

Whats New in Kali Linux?

September 14, 2021

Kali Linux 2019.3 Release (CloudFlare, Kali-status, metapackages, Helper-Scripts & LXD)

September 14, 2021

Kali Linux 2021.3 Release (OpenSSL, Kali-Tools, Kali Live VM Support, Kali NetHunter Smartwatch)

September 14, 2021

Kali Linux 2018.4 Release

September 14, 2021

Kali Linux 1.0.5 and Software Defined Radio

September 14, 2021

Kali Tools Website Launched, 1.0.9 Release

September 14, 2021

Kali Linux Dojo at Black Hat Vegas 2016

September 14, 2021

Category

Site Links

  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org

About Us

We bring you the best Premium WordPress Themes that perfect for news, magazine, personal blog, etc. Check our landing page for details.

© 2019 Cyber360 News - Powered by WebSensePro

No Result
View All Result
  • Home
  • Security
  • Data Breach
  • Cyber Attacks
  • Cyber Security
  • Cyber Crime
  • Contact Us

© 2019 Cyber360 News - Powered by WebSensePro

Login to your account below

Forgotten Password?

Fill the forms bellow to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In