The Zeppelin Buran virus is actually a Buran ransomware infection, the main goal of which is to ensure that you are unable to use your files anymore until you are able to solve them and pay the cyber criminals behind them stuck. The virus then adds its own file extension and deletes a ransom note file. This main purpose of the file is victors to get ransom to your files to get only decryption key decrypted under use.
The Zeppelin Ransomware Update
The Zeppelin ransomware received a January 21 update which can be seen by introducing a new ransomware touch. It is possible that this new version will be orchestrated by a hacker group that differ from the previous ones. This would mean that the Buran ransomware main code has been distributed in the hacker markets. It is a popular malware family, many of which have been published. This new version has an injection memory module – it will interact with running applications and be able to hijack those running. This means that the Zeppelin Buran is able to extract and manipulate sensitive information, even on different fields. Process control is also implemented, a way for the virus to manipulate running applications and system services. This can be used to hide from security discovery apps.
Ransomware is used against large networks with the intention of hacking as many victims as possible. One of the recent victims is large technology and healthcare companies in several areas – countries in the United States, Europe and Canada.
During the initial distribution attack was dangerous scripts on various hosting websites. A special feature is that the virus does not appear to infect users located in Russia or former communist countries such as Ukraine. It is possible that a black list is also included – based on the local conditions and location of the user, the virus will decide whether it is running.
Ransomware like this are used against large networks with the intention of hacking as many victims as possible. One of the recent victims is large technology and healthcare companies in several areas – countries in the United States, Europe and Canada.
The Zeppelin Buran Virus Can Easily Be Embedded In Various File Formats
During the initial distribution attack was dangerous scripts on various hosting websites. A special feature is that the virus does not appear to infect users located in Russia or former communist countries such as Belarus and Ukraine. It is possible that a black list is also included – based on the local conditions and location of the user, the virus will decide whether it is running. The Zeppelin Buran Virus can easily be embedded in various file formats – EXE, DLL or part of scripts that can be placed in documents or websites.
