Ransomware Distribution: How One Infection Can Go Network-Wide

Ransomware’s undisputed notoriety extends far beyond its selectively destructive capabilities. Not unlike a (computer worm) this type of malware has an innate system- and device-skipping ability making it able to infect multiple devices and, of course, networks. In this article, we are going to take a closer look at what it’s called” lateral movement”, which is another word for ransomware distribution.  Enjoy!

How Does Ransomware Spread?

Before we start talking about lateral movement, we should take a moment to think about how ransomware actually spreads. The most obvious choice would be the email way. Why? Simply because it’s convenient, it’s out there and threat actors don’t need to go through flaming hoops in order to come up with a good ‘disguise’ for the email’s contents. Here’s a quick example: a pdf attachment with a .vbs extension.

It takes about five seconds to come up with a long-winded name for your “.pdf” file. After that, you only need to apply the right icon, make sure that the fake .pdf extension remains within the viewable field of characters and that’s it. No one will bother looking at what’s written after the extension itself. Just how efficient is this ransomware distribution method?


Read More: https://heimdalsecurity.com/blog/ransomware-distribution/