A Neowin article dated 1/26/23 has listed Everything as being an attack vector for Mimic ransomware according to Trend Micro. See article: https://www.neowin.net/news/new-ransomw ... verything/
I like the program with the speed it gets the information I need from my system. I have been using the program for several months, evaluating its use for deployment, however I can't do that with the propensity of users to click on links they should not. I can't risk compromising our network systems by some idiot that needs to check out some link to a "package" that can't be delivered.
As this article is three months old, has this issue been reported, and is there any movement of fixing the issue?
Ransomware Attack Vector
Re: Ransomware Attack Vector
FYI:New Mimic ransomware abuses ‘Everything’ Windows search tool
Also note that the malware is not "using" the Everything you have on your computer, but rather using Everything functionality in its' malware which happens to include Everything.dll [which is available to all]. And even if Everything.dll were not available or didn't even exist, there are other means to the same end, just not as efficient.
Also note that the malware is not "using" the Everything you have on your computer, but rather using Everything functionality in its' malware which happens to include Everything.dll [which is available to all]. And even if Everything.dll were not available or didn't even exist, there are other means to the same end, just not as efficient.
-
- Posts: 2
- Joined: Tue Apr 11, 2023 4:08 pm
Re: Ransomware Attack Vector
Thanks. I tried looking through the General forum, but it appears I did not go back far enough. Glad to see the issue has already been noted. Hopefully a way to block the ransomware can be found.
-
- Posts: 686
- Joined: Wed Jan 05, 2022 9:29 pm
Re: Ransomware Attack Vector
I note too that "Mimic ransomware attacks begin with the victim receiving an executable, presumably via email, ..." which in human terms means that the ransomware targets people who click on an executable that they receive by email.therube wrote: ↑Tue Apr 11, 2023 4:40 pm FYI:New Mimic ransomware abuses ‘Everything’ Windows search tool
That is, the target is humans who blindly click on anything that "might be interesting"
Cheers, Chris
Re: Ransomware Attack Vector
Everything is not being used as an attack vector.
The attacker is installing Everything on an already infected PC.
The attacker is installing Everything on an already infected PC.