all InfoSec news
A technical analysis of the BackMyData ransomware used to attack hospitals in Romania
Malware Analysis, News and Indicators - Latest topics malware.news
Summary
According to BleepingComputer, a ransomware attack that occurred starting 0n February 11 forced 100 hospitals across Romania to take their systems offline. BackMyData ransomware, which took credit for it, belongs to the Phobos family. The malware embedded an AES key that is used to decrypt its configuration containing whitelisted extensions, files, and directories, a public RSA key that is used to encrypt AES keys used for files’ encryption, and other information. Persistence is achieved by creating an entry …
aes analysis attack bleepingcomputer credit decrypt embedded family february hospitals key malware malware analysis offline phobos ransomware ransomware attack romania systems technical technical analysis