First-Ever Ransomware Found Using Using ‘Process Doppelgänging’ Attack to Evade Detection

Security researchers have spotted the first-ever ransomware exploiting Process Doppelgänging, a new fileless code injection technique that could help malware evade detection.

The Process Doppelgänging attack takes advantage of a built-in Windows function, i.e., NTFS Transactions, and an outdated implementation of Windows process loader, and works on all modern versions of Microsoft Windows OS, including Windows 10.

How One AI-Driven Media Platform Cut EBS Costs for AWS ASGs by 48%

How One AI-Driven Media Platform Cut EBS Costs for AWS ASGs by 48%

Process Doppelgänging attack works by using NTFS transactions to launch a malicious process by replacing the memory of a legitimate process, tricking process monitoring tools and antivirus into believing that the legitimate process is running.

Security researchers at Kaspersky Lab have now found the first ransomware, a new variant of SynAck, employing this technique to evade its malicious actions and targeting users in the United States, Kuwait, Germany, and Iran.

A silhouette of a figure in a hoodie surrounded by green binary code,representing themes of hacking and cybersecurity.
Image Source

Read more: The Hacker News

Latest Articles

Closing the Gaps in API Security: How to Build Visibility and Protection for Modern Enterprises

APIs may be your organization’s greatest enabler, but without proper context, they can become its Achilles’ heel. APIs power modern digital ecosystems, connecting applications, enabling seamless machine-to-machine communication, and driving operational efficiencies. However, as APIs become the backbone of enterprises, they also represent an expanding attack surface — one that traditional Web Application and API […]

27th February, 2025
What are the biggest business worries in 2025?

No matter their industry or profession, practically every business in the UK and around the world has concerns for the year ahead. Whether it’s employee retention, rising costs, or simply finding new customers, each and every business owner has to make crucial decisions around these fears in order to successfully lead their company forward. However, […]

20th February, 2025
From 2024 to 2025: The Evolving DDoS Threat Landscape

The numbers from the DDoS landscape tell a troubling story. In Q3 2024, DDoS attacks reached unprecedented levels, reaching a record-breaking Tbps and billion packet-per-second attack. These hyper-volumetric campaigns tested the resilience of global networks against attackers who are becoming faster, smarter, and more resourceful. They also became a wake-up call for IT leaders who […]

13th February, 2025

Unlock Your Cloud Potential

Schedule a call with our experts. Discover new technology and get recommendations to improve your performance.

    GlobalDots' industry expertise proactively addressed structural inefficiencies that would have otherwise hindered our success. Their laser focus is why I would recommend them as a partner to other companies

    Marco Kaiser
    Marco Kaiser

    CTO

    Legal Services

    GlobalDots has helped us to scale up our innovative capabilities, and in significantly improving our service provided to our clients

    Antonio Ostuni
    Antonio Ostuni

    CIO

    IT Services

    It's common for 3rd parties to work with a limited number of vendors - GlobalDots and its multi-vendor approach is different. Thanks to GlobalDots vendors umbrella, the hybrid-cloud migration was exceedingly smooth

    Motti Shpirer
    Motti Shpirer

    VP of Infrastructure & Technology

    Advertising Services