Attackers used Dridex to deliver Entropy ransomware, code resemblance uncovered

Sophos released a research that details code similarities in the general purpose Dridex botnet and the little-known ransomware, Entropy. The similarities are in the software packer used to conceal the ransomware code, in the malware subroutines designed to find and obfuscate commands (API calls), and in the subroutines used to decrypt encrypted text. Sophos uncovered the similarities while investigating two incidents where attackers used Dridex to deliver Entropy ransomware. These attacks targeted a media company … More →

The post …

attackers botnet code dridex entropy ransomware ransomware software sophos