Saturday, December 2, 2023

Security Boulevard Logo

Security Boulevard

The Home of the Security Bloggers Network

Community Chats Webinars Library
  • Home
    • Cybersecurity News
    • Features
    • Industry Spotlight
    • News Releases
  • Security Bloggers Network
    • Latest Posts
    • Syndicate Your Blog
    • Write for Security Boulevard
  • Webinars
    • Upcoming Webinars
    • Calendar View
    • On-Demand Webinars
  • Events
    • Upcoming Events
    • On-Demand Events
  • Sponsored Content
  • Chat
    • Security Boulevard Chat
    • Marketing InSecurity Podcast
    • Techstrong.tv Podcast
    • TechstrongTV - Twitch
  • Library
  • Related Sites
    • Techstrong Group
    • Cloud Native Now
    • DevOps.com
    • Security Boulevard
    • Techstrong Research
    • Techstrong TV
    • Techstrong.tv Podcast
    • Techstrong.tv - Twitch
    • Devops Chat
    • DevOps Dozen
    • DevOps TV
  • Media Kit
  • About
  • Sponsor

  • Analytics
  • AppSec
  • CISO
  • Cloud
  • DevOps
  • GRC
  • Identity
  • Incident Response
  • IoT / ICS
  • Threats / Breaches
  • More
    • Blockchain / Digital Currencies
    • Careers
    • Cyberlaw
    • Mobile
    • Social Engineering
  • Humor
Hot Topics
  • How to Build a Phishing Playbook Part 1: Preparation
  • DEF CON 31 - Renderman’s, Tom Dang’’s ‘War Stories - The Risks Of Pointing Out The Emperor Is Buck Naked’
  • The Qlik Cyber Attack: Why SSPM Is a Must Have for CISOs
  • 8 Essential Security Awareness Training Topics
  • Randall Munroe’s XKCD ‘X Value’
Endpoint SBN News Security Bloggers Network 

Home » Cybersecurity » Endpoint » New CryptoMix Clop Ransomware Variant Claims to Target Networks

SBN

New CryptoMix Clop Ransomware Variant Claims to Target Networks

by David Bisson on March 5, 2019

A new variant of the CryptoMix Clop ransomware family claims to target entire networks instead of individual users’ machines.

AI on ActionSponsorships Available

Security researcher MalwareHunterTeam discovered the variant near the end of February 2019. In their analysis of the threat, they noticed that the ransomware came equipped with more email addresses than previous versions of CryptoMix Clop. They also noted that those responsible for the crypto-malware applied slight variations to their creation’s extension.

Signed & low detected (as usual), yesterday evening build of CryptoMix Clop ransomware sample: https://t.co/20KMkc3S9X
Again some changes in the note, and now it has 3 email addresses…
Also, new mutex and “messages” too.
😂@demonslay335
cc @VK_Intel pic.twitter.com/1wv5zJTRNB

— MalwareHunterTeam (@malwrhunterteam) February 26, 2019

In its analysis of the new variant, Bleeping Computer observed that executables code-signed with a digital certificate were responsible for distributing the ransomware. This tactic gives the threat a sense of legitimacy, including in the eyes of some digital security software solutions.

Once executed, the variant begins by terminating various Windows services and processes. Doing so enables CryptoMix Clop to disable anti-virus software running on the computer. It also helps it close all files, thereby placing them in a state where they are easy to encrypt.

Lawrence Abrams, creator and owner of Bleeping Computer, discovered another interesting facet of the CryptoMix Clop variant at this stage in the infection process. As he explains in a blog post:

Another item noticed by BleepingComputer in this variant is that it will create a batch file named clearnetworkdns_11-22-33.bat that will be executed soon after the ransomware is launched. This batch file will disable Windows’s automatic startup repair, remove shadow volume copies, and then resize them in order to clear orphaned shadow volume copies.

The ransomware then encrypts the victim’s files and appends the .Clop (Read more...)

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by David Bisson. Read the original post at: https://www.tripwire.com/state-of-security/security-data-protection/cyber-security/new-cryptomix-clop-ransomware-variant-claims-to-target-networks/

March 5, 2019March 5, 2019 David Bisson CryptoMix Clop, Cyber Security, encryption, Latest Security News, Ransomware
  • ← How to Get Kids Prepared for a Career in Cybersecurity
  • Why Is Penetration Testing Critical to the Security of the Organization? →

Techstrong TV – Live

Click full-screen to enable volume control
Watch latest episodes and shows

Upcoming Webinars

Thu 07

Improved Patient Experience: What That Means for Your Cybersecurity Posture

December 7 @ 1:00 pm - 2:00 pm
Mon 11

How Boundless Software Accelerated Customer Onboarding With Calico Cloud and Amazon EKS

December 11 @ 11:00 am - 12:00 pm
Mon 11

API Security

December 11 @ 1:00 pm - 2:00 pm
Thu 14

AWS Immersion Day: Securing Your Infrastructure-as-Code With Snyk and HashiCorp

December 14 @ 1:00 pm - 3:00 pm
Tue 19

Optimizing Application Security Effectiveness – Key Findings From the ESG Report

December 19 @ 9:00 am - 10:00 am
Feb 12

Ransomware

February 12, 2024 @ 1:00 pm - 2:00 pm
Mar 11

Securing Open Source

March 11, 2024 @ 1:00 pm - 2:00 pm
May 20

Zero-Trust

May 20, 2024 @ 1:00 pm - 2:00 pm

More Webinars

Subscribe to our Newsletters

TSTV Podcast

Most Read on the Boulevard

Okta Screws Up (Yet Again) — ALL Customers’ Data Hacked, not just 1%
Meta Sued for Ignoring its Underage Kids Problem (Because Money)
Small Business Cybersecurity Hampered by Fear of Change, Judgement
Security is an Economically Resilient Market: Strategies for Uncertain Times
UK, South Korea Warn of North Korea Supply-Chain Attacks
SOA VS MICROSERVICES – What’s the difference?
FBI And CISA Warn Of Rhysida Ransomware Threat
SEO Poisoning Brings Users to Attackers’ Doors
Top 5 Questions from the World’s Largest CMMC Event
The Importance of DevOps Engineers for Your Business

Download Free eBook

7 Must-Read eBooks for Security Professionals

Industry Spotlight

TikTok Ban Banned — Montana Loses in US Court
AI and Machine Learning in Security AI and ML in Security Analytics & Intelligence Application Security AppSec Cloud Security Cloud Security Cyberlaw Cybersecurity Data Privacy Data Security Deep Fake and Other Social Engineering Tactics DevOps DevSecOps Digital Transformation Editorial Calendar Endpoint Featured Governance, Risk & Compliance Humor Industry Spotlight Malware Mobile Security Most Read This Week Network Security News Popular Post Regulatory Compliance Securing the Cloud Securing the Edge Security at the Edge Security Boulevard (Original) Security Challenges and Opportunities of Remote Work Security Operations Social - Facebook Social - LinkedIn Social - X Social Engineering Spotlight Threat Intelligence Threats & Breaches Vulnerabilities Zero-Trust 

TikTok Ban Banned — Montana Loses in US Court

December 1, 2023 Richi Jennings | Yesterday 0
VirusTotal: Generative AI is Great at Detecting, Identifying Malware
Cybersecurity Data Privacy Data Security DevOps Featured Industry Spotlight Malware Mobile Security Network Security News Security Boulevard (Original) Spotlight Threat Intelligence Threats & Breaches 

VirusTotal: Generative AI is Great at Detecting, Identifying Malware

December 1, 2023 Jeffrey Burt | Yesterday 0
CISA: Threat Groups are Targeting Unitronics PLCs in Water Systems
Cybersecurity Featured Industry Spotlight IoT & ICS Security Malware Network Security News Security Boulevard (Original) Social - Facebook Social - X Spotlight Threat Intelligence Threats & Breaches 

CISA: Threat Groups are Targeting Unitronics PLCs in Water Systems

November 30, 2023 Jeffrey Burt | 1 day ago 0

Top Stories

Trend Micro Adds AI Tool While Extending CNAPP Reach
Analytics & Intelligence Application Security Cloud Security Cybersecurity Featured Incident Response News Security Boulevard (Original) Social - X Spotlight Threat Intelligence Threats & Breaches Vulnerabilities 

Trend Micro Adds AI Tool While Extending CNAPP Reach

November 30, 2023 Michael Vizard | 1 day ago 0
Black Basta Extortion Group Racks Up $107 Million in Ransom Payments
Blockchain Cloud Security Cybersecurity Data Security Digital Currency Featured Industry Spotlight Malware Network Security News Security Boulevard (Original) Social - Facebook Social - X Spotlight Threat Intelligence Threats & Breaches 

Black Basta Extortion Group Racks Up $107 Million in Ransom Payments

November 30, 2023 Jeffrey Burt | 1 day ago 0
Okta Screws Up (Yet Again) — ALL Customers’ Data Hacked, not just 1%
Analytics & Intelligence API Security Application Security AppSec Cloud Security Cloud Security Cybersecurity Data Privacy Data Security Deep Fake and Other Social Engineering Tactics DevOps DevSecOps Editorial Calendar Endpoint Featured Governance, Risk & Compliance Humor Identity & Access Identity and Access Management Incident Response Industry Spotlight Insider Threats IOT Mobile Security Most Read This Week Network Security News Popular Post Regulatory Compliance Securing Open Source Securing the Cloud Securing the Edge Security at the Edge Security Awareness Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Social Engineering Spotlight Threat Intelligence Threats & Breaches Vulnerabilities Zero-Trust 

Okta Screws Up (Yet Again) — ALL Customers’ Data Hacked, not just 1%

November 29, 2023 Richi Jennings | 2 days ago 0

Security Humor

Randall Munroe’s XKCD ‘X Value’

Randall Munroe’s XKCD ‘X Value’

Security Boulevard Logo White

DMCA

Join the Community

  • Add your blog to Security Bloggers Network
  • Write for Security Boulevard
  • Bloggers Meetup and Awards
  • Ask a Question
  • Email: [email protected]

Useful Links

  • About
  • Media Kit
  • Sponsor Info
  • Copyright
  • TOS
  • DMCA Compliance Statement
  • Privacy Policy

Related Sites

  • Techstrong Group
  • Cloud Native Now
  • DevOps.com
  • Digital CxO
  • Techstrong Research
  • Techstrong TV
  • Techstrong.tv Podcast
  • DevOps Chat
  • DevOps Dozen
  • DevOps TV
Powered by Techstrong Group
Copyright © 2023 Techstrong Group Inc. All rights reserved.

Cloud Workload Resilience PulseMeter

Step 1 of 8

12%
How do you define cloud resiliency for cloud workloads? (Select 3)(Required)
  • Smaller, self-contained microservices fail independently without impacting overall availability.
  • Containerized software provides isolation and consistency, making it easier to scale and recover from failure.
  • Stateless design patterns increase scalability and can fail independently without impacting other parts of cloud applications.
  • Serverless design pattern allows events to initiate the operation of the discrete functions as needed.
  • Cloud-native architecture significantly influences the resiliency of cloud-deployed applications.
  • Cloud-native architecture provides limited or no resiliency improvement.
How important is improving the resiliency of cloud workloads for your organization in 2024? (Select 1)(Required)
Which of the following do you use to improve the resiliency of cloud workloads? (Select all that apply)(Required)
  • Distribute workloads
  • Portable workloads across multiple cloud providers
  • Move some workloads to the edge
  • Kubernetes clusters for failover and load distribution
  • Stateless software design
  • Increased security posture
  • Setting meaningful and achievable resiliency goals
What are the most significant challenges to improving the resiliency of cloud workloads or cloud-native applications? (Select all that apply)(Required)
How much of your cloud workload is cloud-native today? (Select 1)(Required)
What is your business or organization's size (# employees)? (Select 1)(Required)