1. Home
  2. Data Center
  3. XData and SambaCry add to the whopping number of data breaches this year

XData and SambaCry add to the whopping number of data breaches this year


Weeks after WannaCry appeared center stage, networks around the world are still being bombarded with clusters of cyber threats including Adlykuzz and EternalRocks. But is that all? Nope. Two more threats, XData and SamabaCry are already doubling the number of existing threats. Since WannaCry, almost half of all data breaches have affected the business sector, causing headaches for enterprises.

XData, which was first discovered by malware security researcher S!Ri, is eerily similar to WannaCry; XData even targets EternalBlue, the same exploit that WannaCry used. Like typical ransomware, XData encrypts the victim’s files and then asks for a ransom to decrypt them. After encrypting the files, XData appends those files’ names with the suffix XData (e.g.,“demo.jpg-xdata-“). It also creates a new file in each folder called “How_can_I_decrypt_my_files.txt,” which is the XData ransom note shown below.

XData employs asymmetric cryptography, requiring both public and private keys to decrypt the files. Victims have to pay a ransom, usually between $500 and $1,000 to receive this private key from the XData developers. In most cases, however, paying the ransom hasn’t gotten victims their files back. Cybersecurity researchers have stated that 90 percent of attacks related to XData have targeted individuals in Ukraine, but that doesn’t mean individuals in other countries are safe. XData also has a lot of other ransomware variants like Stampado, ONYONLOCK, Cryptoviki, and Spora

Even though these ransomware attacks have primarily targeted Windows users, Linux users are no longer an exclusion. Many Linux users rely on Samba, an open source software suite, to seamlessly transfer files and print services to SMB/CIFS clients. Similar to how WannaCry exploited the SMB vulnerability in Windows, this new malware (nicknamed SambaCry) exploits a seven-year-old vulnerability in Samba. This vulnerability—indexed as CVE-2017-7494—affects how Unix machines communicate with Microsoft systems.

Read the entire article here, XData and SambaCry add to the whopping number of data breaches this year « ManageEngine Blogs

via the fine folks at ManageEngine

ManageEngine ManageEngine delivers the real-time IT management tools that empower IT teams to meet organizational needs for real-time services and support. Worldwide, established and emerging enterprises - including more than 60 percent of the Fortune 500 - rely on ManageEngine products to ensure the optimal performance of their critical IT infrastructure, including networks, servers, applications, desktops and more. ManageEngine is a division of Zoho Corporation with offices worldwide, including the United States, India, Singapore, Japan and China.

Featured Resources:

Related Articles:


White Papers

‘All You Need to Know About Microsoft Windows Nano Server’ Veeam White Paper

Now updated for Windows Server 2016 GA release! You probably heard about Windows Nano Server already … but what is it exactly, and how do you get started with it? What value will it bring to your environment? Nano Server is a headless, 64-bit only deployment option for Windows Server 2016. Microsoft created this component specifically with […]


Download Commvault VM Backup and Recovery: end-to-end VM backup, recovery and cloud management

Commvault’s ability to provide end-to-end VM backup, recovery and cloud management creates a significantly better way to build, protect and optimize VMs throughout their lifecycle. Our best-in-class software for VM backup, recovery and cloud management delivers a number of significant benefits, including: VM recovery with live recovery options; backup to and in the cloud; custom-fit […]

On-Demand Webinars

Architecting for today’s desktop environments – FSLogix On-Demand Webinar

October 19, 2017 Webinar with David Young, Solutions Architect and Product Champion, and Brandon Lee, Solutions Marketer. Video Recording of a live demo of FSLogix and an overview of the latest release of FSLogix Apps featuring Roaming XenApp Email Search and OneDrive App along with Skype for Business Global Address List and Device Based Licensing. […]

Latest Videos

Current State of EUC – E2EVC Video

Session from @E2EVC 2017 Orlando. For event information please visit www.e2evc.com/home. For slides, additional info etc please contact the presenter directly on Twitter. For best video and sound quality do visit the event! This video is from the fine folks at E2EVC Conference

Views All IT News on DABCC.com
Views All IT Videos on DABCC.com
Win a Tesla P100D

Visit Our Sponsors