Ransomeware04-200x200  - Ransomeware04 200x200 - Are Bad Guys Swapping TeamViewer For AnyDesk to install Blackheart Ransomware?

According to Trend Micro researchers a new ransomware strain called drops its payload alongside the perfectly legitimate AnyDesk remote desktop tool, highly likely as a way to evade detection.

This isn’t the first time that a malware abused a similar tool. , a tool with more than 200 million users, was abused as by a previous ransomware that used the victim’s connections as a distribution method. 

Trend Micro researchers are guessing that cyber offenders are likely testing with AnyDesk as an alternative to TeamViewer, a similar tool that has previously been abused by .

In this instance, however, RANSOM_BLACKHEART bundles both the legitimate program and the malware together instead of using AnyDesk for propagation.

A sample of the malware, detected as RANSOM_BLACKHEART, was found to generate a ransom note demanding a modest sum of $50 in bitcoins in exchange for decrypting affected files, Trend Micro reports in a May 1 blog post. The company refers to BLACKHEART as a “fairly common ransomware, with a routine that encrypts a variety of files that use different extensions as part of its routine.”

Like TeamViewer, AnyDesk is developed in Germany, and the product gives you bidirectional remote access between personal computers running on various operating systems and unidirectional access on the and iOS mobile platforms.

Trend Micro researchers speculate that cyber offenders may be experimenting with AnyDesk as an alternative to TeamViewer, a similar tool that has previously been abused by ransomware — although in that case, it was confirmed that TeamViewer connections were actually used to the malicious code.

Trend Micro reports that AnyDesk “has acknowledged the existence of the ransomware, and has stated that they will be discussing possible steps they can take.”


RanSimFalPos.png  - RanSimFalPos - Are Bad Guys Swapping TeamViewer For AnyDesk to install Blackheart Ransomware?

Free Ransomware Simulator Tool

How vulnerable is your network against a ransomware attack?

are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?

KnowBe4’s “RanSim” gives you a quick look at the effectiveness of your existing network protection. RanSim will simulate 10 infection scenarios and show you if a workstation is vulnerable to infection.

Get Started  - 18793d55 e1a3 4b4d 882a 87ab7781f852 - Are Bad Guys Swapping TeamViewer For AnyDesk to install Blackheart Ransomware?

 



Source link
Based Blockchain Network

LEAVE A REPLY

Please enter your comment!
Please enter your name here