A new exploit kit known as Fallout discovered by security researcher Nao Sec, is being used to distribute the Gandcrab ransomware as well as other nasty programs.
Mike Bittner, Digital Security & Operations Manager at The Media Trust:
“Malicious campaigns involving the GandCrab ransomware examplifies the intensifying digital arms race between malicious actors and security providers. In early August, a security provider released a vaccine app that would trick the ransomware into thinking a machine had already been infected. Within a few hours, the GandCrab author announced the release of an exploit code targeting the vaccine app. Soon after, vendor announced the development of a patch to their product. In order to survive or thrive in this digital arms race, companies need to piece together a robust digital defense program that includes conducting regular updates, scanning the code and activities within their digital ecosystem, knowing who their direct and indirect digital third parties are, and working closely with these parties on rooting out malicious actors once they’ve been identified. In today’s digital environment, organizations can no longer deal with their security threats without this type of “community policing” approach. Traditional antivirus simply cannot contain the new attacks that hit the ecosystem every 30 seconds.”