« previous next »
Pages: [1]   Go Down

Author Topic: js script powershell ransomware doesnt blocked by avast  (Read 1073 times)

0 Members and 1 Guest are viewing this topic.

REDACTED

  • Guest
js script powershell ransomware doesnt blocked by avast
« on: September 01, 2017, 07:14:16 AM »
Logged

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37544
  • Not a avast user
Re: js script powershell ransomware doesnt blocked by avast
« Reply #1 on: September 01, 2017, 07:17:26 AM »
Logged

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33912
  • malware fighter
Re: js script powershell ransomware doesnt blocked by avast
« Reply #2 on: September 01, 2017, 04:15:39 PM »
Should be added to detection, read about analysis here: https://www.reverse.it/sample/7a6d5ae7d7bc2849ea40907912a27e8aa6c83fafd952168f9e2d43f76881300c?environmentId=100

A new ransomware variant avoided detection by being spread through a spear phishing email campaign as an obfuscated PowerShell script. Many traditional anti-malware solutions are not ready for the next generation of ransomware attacks:
see test results:
-https://www.acronis.com/en-us/blog/posts/nioguard-security-lab-are-you-protected-next-generation-ransomware-attacks  *1

Also see: https://malwr.com/analysis/N2NjMzUwNzQ4NDNlNDIwYWI5NjY2ZDBkODM1ODU5YWM/ 
Re: -https://reports.nioguard.com/RansomwareProtectionTest_April2017.pdf   *2 (links *1 & *2  not given live, as we here do not spam for alternate products). Also read on detection: https://myonlinesecurity.co.uk/new-powershell-ransomware-coming-in-malspam-emails-pretending-to-be-email-bounce-messages/

polonus (volunteer website security analyst and website error-hunter)
« Last Edit: September 01, 2017, 04:22:56 PM by polonus »
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!
Pages: [1]   Go Up
« previous next »