It is currently 22-08-2017 10:21

Discovered a new ransomware-cryptographer for 1C

Discovered a new ransomware-cryptographer for 1C

by 1127 » 2016-06-24 11:13:00


Ransomware encrypts files on the system and demands a ransom for decryption.


The company "Doctor Web" detected malware threat targeting users in accounting software 1C. Trojan-the Trojan is detected by antivirus as 1C.Drop.1.

The malware spread via email using a list of contractors compromised system. The infected system begins to send out a letter with the subject "we replaced the BIC of the Bank" and the following contents:

Qoute:"Hello!
We have changed the Bank's BIC.
Please update your classifier banks.
This can be done automatically, if You use 1C: Enterprise 8.
File - Open processing updates the classifiers from the attachment.
Click YES. The classifier will be updated automatically.
While the Internet for 1-2 minutes."


Together with the letter extends an attachment "ПроверкаАктуальностиКлассификаторабанков.the epf". After you run the attachment, the Trojan will start mailing by contractors, and then begin to encrypt files on disk. A cryptographer is defined as a Trojan.Encoder.567 terminology "Doctor Web".

1C.Drop.1 is able to work with the following database configurations of 1C:
"Trade management, revision 11.1"
"Trade management (base), edition 11.1"
"Trade management, revision 11.2"
"Trade management (base), edition 11.2"
"Accounting enterprise edition 3.0"
"Accounting enterprise (base), edition 3.0"
"1C:Comprehensive automation 2.0"

__tp://news.drweb.ua/show/?i=10034&c=5&lng=uk&p=0
1127
users
Сообщений: 239
Депозит: 0 BTC

Rating: 0

double vpn сервис

by Admin » 2017-08-22 10:21:13

double vpn сервис

приватный double vpn сервис

Admin
 

Discovered a new ransomware-cryptographer for 1C

by cronbot » 2016-07-05 03:52:14

that's great parnyagi, muddied.
cronbot
users
Сообщений: 47
Депозит: 0 BTC

Rating: 4