Crimeware trends: self-propagation and driver exploitation

If one sheep leaps over the ditch, the rest will follow. This is an old saying, found in various languages, and it can be applied to ransomware developers. In previous blog posts, Kaspersky researchers highlighted an increase in the popularity of platform-independent languages and ESXi support, and recently, Kaspersky published a research about ransomware borrowing these propagation methods.

Last month, Kaspersky wrote in their crimeware reporting service about further ransomware variants that now had their own methods for copying and executing malware on other machines within the network.

Kaspersky researchers also highlighted a case of abusing vulnerable drivers, something that might become popular in the future as well. In this blog post, Kaspersky researchers provide excerpts from these reports.

Read more…
Source: Kaspersky