‘Sodinokibi’ Is A New Ransomware That Exploits Oracle Zero Day Flaw

by Cyber360 News
November 11, 2019
in Security

A couple of weeks back, a zero-day vulnerability was discovered in Oracle WebLogic Servers that can trigger the deserialization of malicious code and allow hackers to take over the targeted system.

Now, a recent report suggests that this zero-day vulnerability has been abused for over a week to infect Oracle WebLogic servers with ransomware. So far, two strains of ransomware have been identified by security researchers from Cisco Talos.


Attackers are trying to infect systems through a new strain of ransomware called ‘Sodinokibi’ that tries to encrypt data in a user’s directory. It makes the recovery more difficult by deleting trustworthy backups.

Usually, ransomware requires some form of user interaction to infect the system, such as opening an email attachment, clicking on a malicious link, or running a piece of malicious code on the device.

However, in this case, Sodinokibi doesn’t require any form of interaction as the attackers simply leverage the Oracle WebLogic vulnerability to force the affected server to download a copy of the ransomware.


Once the Sodinokibi ransomware is installed, the attackers display a ransom note on the victim’s device. They demand around $2,500 in Bitcoin in exchange for the decryption keys and give the victim a deadline of two days to pay.


If the victim misses the deadline, the attackers launch a second strain of ransomware, ‘GandCrab,’ and the ransom doubles to $5,000.

The reason behind using two different strains of malware on the same victim is unclear as of now. According to the researchers, “perhaps the attackers felt their earlier attempts had been unsuccessful and were still looking to cash in by distributing Gandcrab.”

Another possibility is that the attackers knew that the Oracle WebLogic zero-day flaw would be patched soon, so they tried to maximize their profit by trying everything they could in the limited time they had.

In any case, server owners should take the time to apply Oracle’s recent patch to prevent other types of attacks, which could arrive at any time.
