After the backup copies are deleted and encryption is complete, the user receives instructions on how to recover their data, and they are coerced into making a payment (usually in...

Once the backup files are deleted, the malware performs a secure key exchange with the command and control server (C2). This establishes the encryption keys which will be used in...

Shortly after, the ransomware targets the files and folders that hold backup copies on the victim’s system and deletes them to ensure that the backup copies cannot be used to recover...

During this phase, the actual ransomware is delivered to the victim’s device. After it is downloaded, persistence mechanisms are implemented. ...

For the attack to be carried out, the ransomware file needs to be downloaded onto a computer. This often occurs through a phishing email or malicious exploit kit code....