CyberNews Briefs

Sodinokibi Ransomware Exploits Windows Bug to Elevate Privileges

A new ransomware strain referred to as Sodinokibi or Sodin distinguishes itself from other strains by its exploitation of CVE-2018-8453, a privilege escalation vulnerability affecting Microsoft Windows 7, 8, 10 and various Windows Server editions. Microsoft released a patch in October of 2018, but many systems remain vulnerable.

Kaspersky research shows that the ransomware is mostly used to target systems in parts of East Asia, with the most targeted countries being Taiwan (17.56%), Hong Kong (9.76%), South Korea (8.78%) and Japan (8.05%). Other targeted countries include Germany (8.05%), Italy (5.12%), Spain (4.88%), Vietnam (2.93), the US (2.44%), and Malaysia (2.20%).

Read more: Sodinokibi Ransomware Exploits Windows Bug to Elevate Privileges

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.