Microsoft Reveals A New Ransomware “PonyFinal” That Attacks Healthcare Sector
Microsoft Reveals A New Ransomware “PonyFinal” That Attacks Healthcare Sector
May 29, 2020
Microsoft Reveals A New Ransomware “PonyFinal” That Attacks Healthcare Sector
Microsoft Reveals A New Ransomware “PonyFinal” That Attacks Healthcare Sector
May 29, 2020

Microsoft has revealed a new human-operated ransomware called “PonyFinal” that uses “brute force” against a target company’s systems management server and mainly has targeted the healthcare sector amidst the COVID-19 crisis.

On May 27, it has been reported by a series of tweets published by the tech giant that PonyFinal requires hackers to break the security scheme of corporate networks in order to deploy the ransomware manually, as PonyFinal doesn’t rely on tricking the users into launching the payload through phishing links or e-mails.

However, the Java-based PonyFinal deploys a Java Runtime Environment (JRE). The evidence found by Microsoft shows that attackers use information stolen from the systems management server to target endpoints where JRE is already installed.

ALSO READ :  Canaan Posts 13$ Million Q3 Profit In Latest Filing

Further, the report states that the ransomware is delivered through an MSI file, which contains two batch files, including the payload that will be activated by the attacker.

Phillip Misner, the Research Director of Microsoft Threat Protectionclarified that there are other human-operated ransomware campaigns such as:

  • Bitpaymer
  • Ryuk
  • Revil
  • Samas

PonyFinal was first detected at the beginning of April.

The report highlighted that authorship cannot be attributed to a single group of attackers, as several hacker groups are using this same form of ransomware.

Brett Callow, the threat analyst at Emsisoft, said:

“Human-operated ransomware such as PonyFinal is not unusual and nor is its delivery method which, according to Microsoft, is ‘thru brute force attacks against a target company’s systems management server.’ Attacks on internet-facing servers are not at all unusual and account for a significant percentage of ransomware incidents. But they’re also mostly preventable as such attacks typically only succeed because of a security weakness or vulnerability.”

Callow added that companies can significantly reduce the likelihood of being successfully attacked by adhering to best practices by using multi-factor authentication, patching promptly, and disabling PowerShell when possible.

ALSO READ :  Carpooling App Ryde Launches Its Own BTC Payments Wallet

Thus, ransomware attacks continue to be carried out in different parts of the world in the midst of the COVID-19 crisis, with many targeting healthcare companies.

Source: Cointelegraph | Image: PCMag


Disclaimer

Crypto News Point a news platform of Digital Notice Media Labs is primarily a regular publication of information, commentary and articles focused extensively on fintech, blockchain technology, cryptocurrency, blockchain-based tokens, cryptocurrency market trends, and trading strategies. We do not provide individually tailored investment advice and does not take a subscriber’s or anyone’s circumstances into consideration when discussing investments, nor is Crypto News Point registered as an investment adviser or broker-dealer in any jurisdiction. Information contained herein is not an offer or solicitation to buy, hold, or sell any digital assets.

Affiliate Disclosure: To help support the work we do here at CNP, we often link to products and deals from around the web. Should you buy some of these, we may get a portion of the sale.

We in generally gather content from the major websites. In every article there is always a clear link and attribution to the source publication. If you have any issue with any of our published content taken from your site, kindly let us know so that we can take appropriate action. In any case, the content of the pages of this website is for your general information and use only. It is subject to change without notice.

You May Also like

Ishita Bora

Ishita Bora is a Senior Content Creator at Digital Notice Media Labs with an experience of 1 year. She has completed her Master's Degree in Language and Linguistics in 2019 from Gauhati University, India. Her interest lies in blockchain technology and cryptocurrency space, as she loves writing about blockchain and other blockchain-related articles. Currently, she is working on blockchain-based news, reviews, featured articles, and guides.
Share This

Share This

Share this post with your friends!