all InfoSec news
GlobeImposter Ransomware Being Distributed with MedusaLocker via RDP
Malware Analysis, News and Indicators - Latest topics malware.news
ASEC (AhnLab Security Emergency response Center) has recently discovered the active distribution of the GlobeImposter ransomware. This attack is being carried out by the threat actors behind MedusaLocker. While the specific route could not be ascertained, it is assumed that the ransomware is being distributed through RDP due to the various pieces of evidence gathered from the infection logs.
The threat actor installed various tools alongside GlobeImposter, such as Port Scanner and Mimikatz. Once installed, if these tools are able …
actor ahnlab asec attack center distributed distribution emergency infection logs malware analysis medusalocker port port scanner ransomware rdp response scanner security threat threat actor threat actors tools