Ransomware, Threat Intelligence

Newly emergent Nnice ransomware examined

Cybernews reports that Windows systems have been targeted by the new Nnice ransomware strain with innovative encryption and detection bypass capabilities, which has been proliferating across several dark web hacking sites.

Initial compromise with Nnice ransomware enables not only the exfiltration of credentials, web session cookies, and emails and the identification of security software but also the escalation of privileges, attainment of boot-level persistence, and encryption of files with the ".xdddd" extension, according to an investigation by the CYFIRMA Research and Advisory team. Process injection and DLL sideloading have also been conducted by Nnice ransomware, which finishes its attacks with a ransom note detailing file recovery instructions and the application of a new wallpaper noting the encryption of all files within the impacted system. Such a development was noted by CYFIRMA researchers to warrant the adoption of robust encryption and security protocols across cloud and local environments.

An In-Depth Guide to Ransomware

Get essential knowledge and practical strategies to protect your organization from ransomware attacks.

Related

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

Related Terms

Account HarvestingBlack HatBrute ForceDictionary AttackDistributed ScansDomain HijackingDumpster DivingFault Line AttacksGoogle HackingPassword Cracking

You can skip this ad in 5 seconds