HACKER’S HEIST CACTUS RANSOMWARE - PowerPoint PPT Presentation

This PDF delves into the Cactus Ransomware attack, dissecting its strategies, impact, and defense measures. Explore the intricacies of this cyber heist, its targets, and the ransom demands. Learn how organizations can protect themselves against such threats and the importance of robust cybersecurity practices.

Slides: 10
Provided by: infosectrain01

Transcript and Presenter's Notes

1
HACKERS HEIST
learntorise
CACTUS RANSOMWARE
PAY FOR UNLOCK
2
WHAT IS CACTUS RANSOMWARE
www.infosectrain.com
Cactus Ransomware sets itself apart with distinctive encryption methods that make it difficult for security tools to detect. It exploits VPN vulnerabilities to infiltrate networks instead of relying on phishing emails, and it possesses the uncommon ability to encrypt itself, enhancing its chances of remaining undetected on compromised systems.
3
CACTUS RANSOMWARE: Attack Tactics, Techniques, Procedures
STEP 1: The attacker gets into the victim's network using a weakness in a VPN appliance. They do this by taking advantage of known vulnerabilities in VPN appliances that haven't been fixed or updated.
4
STEP 2: The attacker conducts an internal network scan using tools like SoftPerfect Network Scanner or PSnmap to create a map of the environment.
STEP 3: The attacker installs the Cactus ransomware on the victim's system. This can be done through various methods, such as phishing emails, malicious attachments, or drive-by downloads.
5
STEP 4: The attacker installs Remote Monitoring and Management (RMM) tools on compromised systems, enabling remote access and file-pushing capabilities.
STEP 5: To facilitate lateral movement, the attacker deploys the Cobalt Strike post-exploitation framework and the Chisel proxying tool.
6
STEP 6: The attacker executes a script to disable widely used anti-virus tools, decreasing the chances of their tools being detected and blocked.
STEP 7: The attacker employs the Rclone tool to steal data from the environment, automating the data exfiltration process.
7
STEP 8: The attacker utilizes a PowerShell script to distribute ransomware across all systems within the environment.
8
TIPS TO PROTECT YOURSELF FROM CACTUS RANSOMWARE
  • Keeping VPN appliances up to date with the latest security patches.
  • Using network monitoring tools to detect suspicious activity.
  • Educating yourself about ransomware attacks.
  • Implementing strong password policies and enforcing multi-factor authentication.
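
The monitoring tip above, applied to the tools named in steps 2, 5 and 7, as an added example that is not from the original slides: it correlates process-creation events per host and alerts when two or more stages occur within 24 hours. The file-name and command-line patterns, the pipe-delimited log format and the sample events are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed indicators for the tools named in the steps; the command-line
# patterns also catch renamed binaries. Tune all of them for your environment.
STAGES = {
    "discovery (step 2)": re.compile(r"netscan\.exe|psnmap", re.I),
    "proxy (step 5)": re.compile(r"chisel|\bR:socks\b", re.I),
    "exfiltration (step 7)": re.compile(
        r"rclone|\b(copy|sync)\b.*--(config|transfers)\b", re.I),
}

# Constructed sample events: timestamp|host|image path|command line
SAMPLE_EVENTS = r"""
2024-03-04T01:12:40|FS01|C:\Users\Public\netscan.exe|netscan.exe
2024-03-04T01:40:02|FS01|C:\ProgramData\svc.exe|svc.exe client 203.0.113.10:443 R:socks
2024-03-04T03:05:19|FS01|C:\ProgramData\upd.exe|upd.exe copy D:\Finance remote:bkt --transfers 16
2024-03-04T09:30:00|WS22|C:\Tools\rclone.exe|rclone.exe sync C:\Docs backup:docs
2024-03-06T09:30:00|WS22|C:\Tools\netscan.exe|netscan.exe
"""

def classify(image, cmd):
    """Return the set of stages whose indicator matches this process event."""
    text = f"{image} {cmd}"
    return {stage for stage, rx in STAGES.items() if rx.search(text)}

def correlate(lines, window=timedelta(hours=24), min_stages=2):
    """Map host -> sorted stages for hosts with >= min_stages stages in window."""
    hits = defaultdict(list)  # host -> [(timestamp, stage)]
    for line in filter(None, map(str.strip, lines)):
        ts, host, image, cmd = line.split("|", 3)
        for stage in classify(image, cmd):
            hits[host].append((datetime.fromisoformat(ts), stage))
    alerts = {}
    for host, seen in hits.items():
        seen.sort()
        for i, (start, _) in enumerate(seen):
            # Distinct stages observed within `window` of this event
            stages = {s for t, s in seen[i:] if t - start <= window}
            if len(stages) >= min_stages:
                alerts[host] = sorted(stages)
                break
    return alerts

if __name__ == "__main__":
    for host, stages in correlate(SAMPLE_EVENTS.splitlines()).items():
        print(f"ALERT {host}: {', '.join(stages)}")
```

In the sample, FS01 alerts on all three stages even though two of its binaries are renamed, while WS22 does not because its two events are 48 hours apart.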
