New ransomware appears, attacking the Windows operating system
This malware has been active since March and has had 16 victims, mainly in the US, in the real estate, education, healthcare and manufacturing sectors.
Eldorado is a new and completely independent ransomware. It is written in the Go language to enable cross-platform attacks. The malware encrypts files using the ChaCha20 algorithm, generating a unique 32-byte key and a 12-byte nonce for each locked file. The keys are then encrypted using RSA-OAEP.
After encryption, the file is renamed with the ".00000001" extension and a ransom note named 'HOW_RETURN_YOUR_DATA.TXT' is added to the Documents and Desktop folders.
In particular, Eldorado can be customized to attack specific directories. The malware even runs in self-delete mode by default, to avoid being detected by users and analyzed by incident response teams.
To prevent ransomware in general and Eldorado in particular, experts recommend that users urgently deploy the following defensive measures:
- Implement a multi-factor authentication (MFA) solution and credential-based access.
- Back up data regularly to minimize damage and avoid data loss.
- Regularly update security patches to fix vulnerabilities.
- Detect and prevent intrusions quickly using AI-based analytics and advanced malware detection solutions.
- Quickly identify and respond to ransomware indicators using Endpoint Detection and Response (EDR).
- Train employees to recognize and report cybersecurity threats.
- Conduct regular and periodic technical audits or security assessments.
- Refuse to pay the ransom, because data recovery is difficult and paying could lead to more attacks.
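Because the malware deletes itself by default, the renamed files and the ransom note are the traces most likely to remain on disk. The following triage script is an added example, not code from the researchers or any vendor: it walks a directory tree looking for the two file indicators named above. The function names, the `min_files` threshold and the sample tree are assumptions made for illustration.

```python
import os
import tempfile
from collections import Counter
from pathlib import Path

# File-system indicators reported in the article above.
ENCRYPTED_EXT = ".00000001"
RANSOM_NOTE = "HOW_RETURN_YOUR_DATA.TXT"

def scan(root):
    """Walk root (case-insensitive match, as on Windows); return
    (ransom note paths, encrypted-file count per directory)."""
    notes, encrypted = [], Counter()
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if name.upper() == RANSOM_NOTE:
                notes.append(os.path.join(dirpath, name))
            elif name.lower().endswith(ENCRYPTED_EXT):
                encrypted[dirpath] += 1
    return sorted(notes), encrypted

def triage(root, min_files=3):
    """Summarise a scan. min_files is an assumed noise threshold, not from the article."""
    notes, encrypted = scan(root)
    affected = {d: n for d, n in encrypted.items() if n >= min_files}
    return {
        "ransom_notes": notes,
        "affected_dirs": affected,
        "total_encrypted": sum(encrypted.values()),
        "suspected": bool(notes) or bool(affected),
    }

def build_sample_tree(base):
    """Create a constructed directory tree (empty files only) for the demo."""
    layout = {
        "alice/Documents": ["report.docx.00000001", "budget.xlsx.00000001",
                            "notes.txt.00000001", RANSOM_NOTE],
        "alice/Desktop": ["how_return_your_data.txt", "photo.jpg"],
        "bob/Documents": ["clean.docx", "archive.00000001"],
    }
    for rel, names in layout.items():
        folder = Path(base, rel)
        folder.mkdir(parents=True)
        for name in names:
            (folder / name).touch()

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        print(triage(tmp))
```

On a real host, pass the root of the user profiles or a file share to `triage()`; a ransom note alone is enough to set `suspected`, while stray files with the extension only count once a directory reaches `min_files`.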