Cyberattack hit computers of the Maastricht University in the Netherlands. Clop ransomware, an AES cryptomix variant, launched by malcreants hiding behind a protonmail address.
Newer variants of the Clop ransomware also will disable av-protection.
The word clop comes from a word "Klop", Клоп in Russian, which is a term for a sort of bloodsucking bedbug,
but in this case it should be taken more to mean an equivalent of the technical term "bug".
?
We are waiting for a decryptor, but if professionally performed AES strenght, it is nearly uncrackable and cannot be defeated.
Infection methods are:
Spam email attachments or hyperlinks;
Insecure RDP connections;
Compromised or hacker-designed websites
Re-packed installers;
Keygens, cracks, and other executables;
Exploit kits, etc.
Authorities have been warning for this dangerous webthreat coming for months now.
And it took Maastricht University by surprise just before Christmas' Eve,
Info credits above go to: luntrus
polonus