NOW we are getting closer to the "truth"...on the Russian cyber attack on Ukraine....
Our research in the middle of the attack pointed cleanly to a total of six Russian based servers involved in this attack...four were disabled.....
Russian media runs story of possibly Petya being created in Russia.
https://twitter.com/vasilymaximov/st...3832820912129#
Новые Известия#
@newizvestia
Follow
Вирус-вымогатель Petya мог быть создан в России
https://newizv.ru/news/tech/04-07-20...es_1mi#…
#новости
Normally if in fact this was a true criminal ransomware attack there would have been some kind of chatter on the deep dark net blogs about "something new in the way of ransomware"...BUT there was absolutely nothing....silence and that alone is unusual.....
So the ransomware appearance of the attack was simply a well designed camouflage....as was the "apparent sloppiness of the coding"....which was not sloppy at all.....
WHAT is far more important and has not been written about is the fact that the malware carried LSADump which is a hacker tool designed to collect passwords and domain servers and feed that info back to the control servers which in fact happened thus providing the necessary data for future successful attacks using that data...
Bookmarks