Home Data Center XData and SambaCry add to the whopping number of data breaches this year

XData and SambaCry add to the whopping number of data breaches this year

XData and SambaCry add to the whopping number of data breaches this year

Weeks after WannaCry appeared center stage, networks around the world are still being bombarded with clusters of cyber threats including Adlykuzz and EternalRocks. But is that all? Nope. Two more threats, XData and SamabaCry are already doubling the number of existing threats. Since WannaCry, almost half of all data breaches have affected the business sector, causing headaches for enterprises.

XData, which was first discovered by malware security researcher S!Ri, is eerily similar to WannaCry; XData even targets EternalBlue, the same exploit that WannaCry used. Like typical ransomware, XData encrypts the victim’s files and then asks for a ransom to decrypt them. After encrypting the files, XData appends those files’ names with the suffix XData (e.g.,“demo.jpg-xdata-“). It also creates a new file in each folder called “How_can_I_decrypt_my_files.txt,” which is the XData ransom note shown below.

XData employs asymmetric cryptography, requiring both public and private keys to decrypt the files. Victims have to pay a ransom, usually between $500 and $1,000 to receive this private key from the XData developers. In most cases, however, paying the ransom hasn’t gotten victims their files back. Cybersecurity researchers have stated that 90 percent of attacks related to XData have targeted individuals in Ukraine, but that doesn’t mean individuals in other countries are safe. XData also has a lot of other ransomware variants like Stampado, ONYONLOCK, Cryptoviki, and Spora

Even though these ransomware attacks have primarily targeted Windows users, Linux users are no longer an exclusion. Many Linux users rely on Samba, an open source software suite, to seamlessly transfer files and print services to SMB/CIFS clients. Similar to how WannaCry exploited the SMB vulnerability in Windows, this new malware (nicknamed SambaCry) exploits a seven-year-old vulnerability in Samba. This vulnerability—indexed as CVE-2017-7494—affects how Unix machines communicate with Microsoft systems.

Read the entire article here, XData and SambaCry add to the whopping number of data breaches this year « ManageEngine Blogs

via the fine folks at ManageEngine

ManageEngine ManageEngine delivers the real-time IT management tools that empower IT teams to meet organizational needs for real-time services and support. Worldwide, established and emerging enterprises - including more than 60 percent of the Fortune 500 - rely on ManageEngine products to ensure the optimal performance of their critical IT infrastructure, including networks, servers, applications, desktops and more. ManageEngine is a division of Zoho Corporation with offices worldwide, including the United States, India, Singapore, Japan and China.

Featured Resources:

Related Articles:


White Papers

    Application Lifecycle Management with Stratusphere UX – White Paper

    Enterprises today are faced with many challenges, and among those at the top of the list is the struggle surrounding the design, deployment, management and operations that support desktop applications. The demand for applications is increasing at an exponential rate, and organizations are being forced to consider platforms beyond physical, virtual and cloud-based environments. Users […]


      Download Commvault VM Backup and Recovery: end-to-end VM backup, recovery and cloud management

      Commvault’s ability to provide end-to-end VM backup, recovery and cloud management creates a significantly better way to build, protect and optimize VMs throughout their lifecycle. Our best-in-class software for VM backup, recovery and cloud management delivers a number of significant benefits, including: VM recovery with live recovery options; backup to and in the cloud; custom-fit […]

      On-Demand Webinars

        What’s Going on in EUC Printing – A Technical Deep Dive!

        The IGEL Community and ThinPrint invite you to watch the following technical deep dive webinar. The agenda is to technically bring you up to speed on what’s going on in the EUC Printing space today along with a deep dive into new methods, technologies, printing scenarios and a discussion on why printing still matters. You […]

        Latest Videos

          Views All IT News on DABCC.com
          Views All IT Videos on DABCC.com
          Win big $$, visit ITBaller.com for more info!

          Visit Our Sponsors