Sodinokibi: A new threat has emerged, according to ESET surveys, which targets companies that provide managed services (MSP) and small and medium enterprises around the world.
This is Sodinokibi, a dangerous ransomware, which first appeared near the end of April 2019, peaked in June, and, by the end of the year, had hit mainly users in the United States, but also a wide range of targets worldwide.
According to ESET researchers, the cybercriminals behind Sodinokibi seem to prefer to use automated tools, such as exploit kits or spam, to distribute their ransomware, rather than hacking into computers via the RDP protocol.
At this stage, if a company falls victim to Sodinokibi and is held for ransom, it is not possible toencryption παρά μόνο αν χρησιμοποιηθούν τα κλειδιά των χάκερ. Η τηλεμετρία της ESET έδειξε ότι οι συσκευές που ήταν πιο εύκολο να μολύνει το Sodinokibi, είχαν λογισμικό ασφαλείας με λάθος ρυθμίσεις ή δεν είχαν γίνει οι updates.
ESET urges MSPs and SMEs to test their defenses against ransomware and to better understand the factors that can lead to their systems being compromised by first implementing the following key steps:
___________________
• Take backups on a regular basis and keep at least one full backup of the most valuable ones data in an offline environment.
• Update all software and applications - including operating systems.
• Use a reliable, multi-level security solution and make sure it is up to date.
• Check your networks for dangerous accounts using weak passwords access.
• Disable or uninstall any unnecessary services and software.