Home Resources Blog First-Ever Ransomware Found Using Using ‘Process Doppelgänging’ Attack to Evade Detection

First-Ever Ransomware Found Using Using ‘Process Doppelgänging’ Attack to Evade Detection

GlobalDots
11.05.18 1 Min read

Security researchers have spotted the first-ever ransomware exploiting Process Doppelgänging, a new fileless code injection technique that could help malware evade detection.

The Process Doppelgänging attack takes advantage of a built-in Windows function, i.e., NTFS Transactions, and an outdated implementation of Windows process loader, and works on all modern versions of Microsoft Windows OS, including Windows 10.

Process Doppelgänging attack works by using NTFS transactions to launch a malicious process by replacing the memory of a legitimate process, tricking process monitoring tools and antivirus into believing that the legitimate process is running.

Security researchers at Kaspersky Lab have now found the first ransomware, a new variant of SynAck, employing this technique to evade its malicious actions and targeting users in the United States, Kuwait, Germany, and Iran.

Image Source

Read more: The Hacker News

Latest Articles

Cloud Cost Optimization FinOps
Navigating The Stormy Seas of Cloud Storage: Slash Cloud Storage Costs by 70% with GlobalDots’ Curated Autoscaler

Imagine navigating your digital ship through the turbulent seas of cloud storage management. One wrong calculation, and you’re either sinking under the weight of overprovisioning or losing speed due to performance hiccups. But what if there was a compass that could make this voyage smooth sailing? GlobalDots presents you with an Autoscaler that’s revolutionizing the […]

GlobalDots
28.09.23
Cloud Cost Optimization
Clarity in the Clouds: Innovative Solutions for Aviation

In the competitive world of aviation, where alliances are often forged with rivals, and competitors share skies as partners – GlobalDots is your co-pilot in navigating clouds of looming threats. Now, we are introducing our new e-book, which explores our curated innovative solutions for Aviation, including: Nowadays, where buying a ticket is just the beginning […]

Dr. Eduardo Rocha Senior Solutions Engineer & Security Analyst @ GlobalDots
21.09.23
Cloud Cost Optimization FinOps
FinOps vs DevOps: Key Differences and What Each Role Requires

Before widespread cloud adoption, the cloud’s major selling point was a reduction in computing costs. Today, however, many organizations find themselves mired in increasingly costly and complex cloud environments, even forcing industry leaders such as Nvidia back toward on-prem setups. The priorities upheld by DevOps throughout the last decade have played a major role in […]

GlobalDots
19.09.23
Back to Resources

Unlock Your Cloud Potential

Schedule a call with our experts. Discover new technology and get recommendations to improve your performance.

Unlock Your Cloud Potential