Sophos Rapid Response services that were introduced recently to neutralize cyberattacks has identified a new malware in the wild. Dubbed as Buer, the malware is said to be delivering ransomware to Microsoft Windows PCs.
Ā
As per the discovery made by the security researchers of Sophos, Buer is known to target victims via spear-phishing attacks which then after is remotely controlled by its developers to deliver payloads such as file-encrypting malware.
Ā
āTime is a critical factor when a cyber threat targets a network as every second count between the time of initial compromise and neutralization in the attack lifecycleā, said Joe Levy, the Chief Technology Officer of Sophos.
Ā
Buer was identified by the Sophos Rapid Response team while neutralizing the effects of the new tools, techniques, and procedures propelled by those linked to the distribution of RYUK ransomware.
Ā
Note 1-Ā Sophos Rapid Response team is an industry-first incident response service that helps in tracking down and neutralizing the attacks in its 45-day time frame of engagement. And as a part of this service, it offers a dedicated 24/7 team of incident responders, threat hunters, and threat analysts to block cyber-attacks and get rid of adversaries from networks thus cutting down costs and cuts down data recovery time.
Ā
Note 2-Ā Buer malware has been detected in the wild since August 2019 and is being distributed through email campaigns.Ā
Ā
Note 3-Ā A ransomware is a kind of malware that encrypts a database until a ransom is paid. Some ransomware spreading gangs first steal a portion of data and then lock down the database from access until a ransom is paid. And if the victim fails to pay the ransom, then that data is sold on the dark web for monetary benefits.