![Israeli companies are the new target with Pay2Key ransomware](https://varindia.com/storage/news/uploads/2018/02/5fa7f71112bc2.jpg)
Israeli networks are now the focus of targeted attacks. Several companies and large corporations from Israel have been breached and had their systems encrypted using a new strain of ransomware named Pay2Key.
According to ZDNet, the attacks usually happened after midnight, when companies have fewer IT employees at work. The initial entry point for all intrusions is currently believed to be weakly secured RDP (Remote Desktop Protocol) services.
Access to company networks appears to have been obtained "some time before the attack," but once the ransomware crew begins its intrusion, it usually takes them an hour to spread to the entire network and encrypt files.
To avoid having their activities detected, the Pay2Key operators usually set up a pivot point on the local network, through which they proxy all their communications to reduce their detectable network footprint.
Once the encryption ends, ransom notes are left on the hacked systems, with the Pay2Key gang usually asking for payments of 7 to 9 bitcoins (~$110K-$140K).
Based on current analysis, Check Point said the encryption scheme appears to be solid (using the AES and RSA algorithms), which unfortunately has prevented the company from creating a free decrypter for victims.
Researchers say the ransomware has been created from scratch, with no overlaps with other known ransomware strains, and appears to have been named "Cobalt" during a previous/development phase.