GIBON is a new type of ransomware that first emerged on the scene last week and has since been used in a wide range of cyber-attacks. This GIBON variant is spread mainly through malspam carrying a malicious attached document, which contains macros that download and install the ransomware on a computer. In other words, phishing emails trick or induce users into opening a file that delivers the ransomware, which is called GIBON after a phrase that appears several times in the code. If the user follows through and opens the attached file, the ransomware takes over.
We are still working to discover all the details of how GIBON is distributed, but we do know that when it is first started, it connects to the ransomware's Command and Control (C2) server and registers a new victim by sending a base64-encoded string containing the timestamp, the register string, and the version of Windows. Basically, this tells the C2 server that your computer is a new victim and has not been infected before.
Once it has locked into your system, it begins to encrypt all of your files, regardless of extension. Only the Windows folder is spared. For each file that is encrypted, it creates a READ_ME_NOW.txt file with instructions on what you should do and how to get your files back. The note instructs the victim to email bomboms123@mail.ru, or the subsidiary address yourfood20@mail.ru, for instructions on payment.
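As an added example (not from the original article or any vendor tool), the sketch below sweeps a directory tree for the READ_ME_NOW.txt notes described above and checks each one against the two contact addresses, which helps scope which folders were touched. The function names and the sample files are constructed for illustration.

```python
import os
import tempfile

# Indicators from the article: the note's file name and the two contact addresses.
NOTE_NAME = "read_me_now.txt"
CONTACTS = ("bomboms123@mail.ru", "yourfood20@mail.ru")


def find_gibon_notes(root, max_read=64 * 1024):
    """Return {directory: [contacts found in the note]} for each note under root.

    An empty list means a file with the note's name exists but names neither
    address, so it needs a manual look rather than automatic escalation.
    """
    hits = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if name.lower() != NOTE_NAME:      # Windows file names are case-insensitive
                continue
            try:
                with open(os.path.join(dirpath, name), "rb") as fh:
                    raw = fh.read(max_read)
            except OSError:
                raw = b""                      # unreadable note: still report the folder
            # Dropping NUL bytes lets one substring check cover UTF-8 and UTF-16 text.
            text = raw.replace(b"\x00", b"").decode("utf-8", "replace").lower()
            hits[dirpath] = [c for c in CONTACTS if c in text]
    return hits


def build_sample_tree(base):
    """Constructed sample data (not real GIBON output) for an offline run."""
    samples = {
        "docs/READ_ME_NOW.txt": b"Write to bomboms123@mail.ru or subsidiary: yourfood20@mail.ru",
        "photos/Read_Me_Now.TXT": "contact bomboms123@mail.ru".encode("utf-16-le"),
        "tools/READ_ME_NOW.txt": b"Installation notes for an unrelated tool.",
        "clean/report.txt": b"quarterly numbers",
    }
    for rel, data in samples.items():
        path = os.path.join(base, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(data)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for folder, contacts in sorted(find_gibon_notes(tmp).items()):
            print(folder, "->", contacts or "name match only")
```

A folder reported with an empty contact list matched on file name alone and should be reviewed by hand before it is counted as affected.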
The good news is that there is a decryptor available from BleepingComputer.com to counter this version of ransomware. You still want to be vigilant in protecting yourself and your data on a daily basis. Some things to remember are:
Unfortunately, no matter how strong the security solutions, attacks will continue to slip through the cracks. Therefore, MSPs and MSSPs who want to fully protect their clients must implement a proper, reliable backup and disaster recovery (BDR) solution, with both online and offline backups, as the ultimate failsafe against successful attacks. Your data is important; don't let some hacker take it away.