Diavol Ransomware Confirmed to Be Stealing Data

Data theft by Diavol ransomware was earlier believed to be a bluff, but security analysts have now confirmed with proof that Diavol is in fact stealing data.

The Campaign-

SpearTip published a report detailing the ransomware's role in stealing data.

  • The attackers used Cobalt Strike's HTTP beacon to facilitate data exfiltration.
  • The attack is difficult to detect because the beacon is named sysr[.]dll. The attacker creates a folder and stores the files in this folder.
  • Injecting the malware into the memory of the compromised application also makes detection challenging.

The uncertainty over whether the ransomware stole data arose because the attackers did not use that capability in the executable package itself. Instead, they enabled exfiltration of the data using tactics from the invaded environments.

Conclusion-

This new malware shows a very evasive nature. Security professionals have to come up with new and more advanced techniques and tools to avoid such attacks.

By IEMA IEMLabs
