all InfoSec news
LokiLocker, a Ransomware Similar to BlackBit Being Distributed in Korea
May 15, 2023, 4:16 a.m. | MalBot
Malware Analysis, News and Indicators - Latest topics malware.news
AhnLab Security Emergency response Center(ASEC) has confirmed the distribution of the LokiLocker ransomware in Korea. This ransomware is almost identical to the BlackBit ransomware and their common traits have been mentioned before in a previous blog post. A summary of these similarities is as follows.
Similarities Between LokiLocker and BlackBit
- Disguised as svchost.exe
- Same obfuscation tool used (.NET Reactor)
- Registered to the task scheduler and registry (persistence of malware)
- Ransom note and the new file icon image set after encryption …
ahnlab asec blackbit ransomware blog blog post center distributed distribution emergency korea lokilocker malware analysis ransomware response security
More from malware.news / Malware Analysis, News and Indicators - Latest topics
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Information Security Engineers
@ D. E. Shaw Research | New York City
SOC Cyber Threat Intelligence Expert
@ Amexio | Luxembourg, Luxembourg, Luxembourg
Systems Engineer - SecOps
@ Fortinet | Dubai, Dubai, United Arab Emirates
Ingénieur Cybersécurité Gouvernance des projets AMR H/F
@ ASSYSTEM | Lyon, France
Senior DevSecOps Consultant
@ Computacenter | Birmingham, GB, B37 7YS