Security Audit

Our Web Application Pentest ( WAP) attempts to address the Owasp top 10 & SANS top 20 web application vulnerabilities and other exploitable loopholes of your web application . Along with it our WAP team also test web applications for Business logic flaws that can directly or indirectly effect the functioning of application.

Trainings

We are here to help you solve your biggest query- where and how to start? CDI has brought various courses in Ethical Hacking in Chandigarh where all you technology lovers will be given the much needed push to move forward and create a niche for yourself in the field. From Beginner to Expert level we have many kinds of training patterns.

Call Us : +91-771045-0011 | +91-771045-0022

Hackers are targeting Web Servers with “KimcilWare Ransomware”!

 

Do you know about Ransomware? (click here to know about Ransomware) Security Researchers has found a new Ransomware called KimcilWare. This is a hard coded Ransomware, which is specially designed by its authors to target web servers and many e-commerce business websites. This Ransomware is more affective on that websites, which are using Magento. MalwareHunterTeam discovered this Ransomware. The researchers of this team said, it is not clear yet that how hackers are targeting websites and how they are encrypting the files of websites which are present in control panel of website.

When security researchers were investigating a particular case of this, they found that each file present on the web server was saved with an extension “.kimcilware”. From here they got an idea about the name of this ransomware. Hackers are encrypting the files of websites by using a Cipher of Rijndael family. Hackers are demanding $400 from victims for decrypting the infected files.

Authors of this Ransomware are very smart and they are using a special hard coded script. This script is capable to encrypt all the files at same time and then it can save the files with an extension “.kimcilware”. After changing the extension of files, it also uploads an index file on the web server. The main motive oh hackers behind uploading this index file on server is to inform the victim that his server is under control of the ransomware.

Hackers are demanding money only through “Bitcoin” in order to protect themselves from being tracked by the security agencies. Hackers are leaving a message behind on the website with their email address tuyuljahat@hotmail.com. It is obvious that it is a fake email account, because there is no need of any personal information while you are making an account on BitCoin.

This Ransomware is a big danger for e-commerce websites. It can ruined the all business of e-commerce websites. In the end there is a suggestion for Magento users, please update your Magento platform into latest its latest version, either your business could face a huge risk. Use unique and strong password for your accounts.

Leave a Reply

Name
Email id
Contact No
Comment

See more of Cyber Intelligence by logging in.
Connect with cyber security experts,Discover job opportunities,Online Training, Information Security Advisory and lot more.