Ekans Ransomware
The EKANS Ransomware is a new ransomware strain attacking most of all the industrial control systems (ICS) of large-scale enterprises such as refineries, power plants and factories. Unlike earlier ransomware attacks, which targeted one or more PCs within the entire system, the EKANS Ransomware aims to bring down 64 specific software processes, which are crucial to the proper functioning of the entire ICS. Once this goal is complete, the EKANS Ransomware goes on to encrypt all the data it comes across along the way, leaving a ransom note in the end.
The infection vector used by the EKANS Ransomware is unknown currently. However, that does not exclude the conventional distribution methods such as phishing, spamming, exploiting unpatched vulnerabilities and malvertising. That is why separating the ICS from any Windows-based networked PCs is highly recommended. Security analysts point out the EKANS Ransomware ability to terminate processes and encrypt data, as well as its inability to execute any commands whatsoever, which turns it into a less-than-sophisticated piece of ransomware for the time being.
Although reports trace the EKANS Ransomware back to December 2019, no organization has reported an EKANS Ransomware infection yet, although some security researchers suspect a successful attack in the Middle East. They also consider the EKANS Ransomware the first industrial-targeted ransomware to have been developed by private crooks looking for financial gains rather than industrial espionage merely.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.