Ransomware Attack Vector

General discussion related to "Everything".
Post Reply
gablearcade
Posts: 2
Joined: Tue Apr 11, 2023 4:08 pm

Ransomware Attack Vector

Post by gablearcade »

A Neowin article dated 1/26/23 has listed Everything as being an attack vector for Mimic ransomware according to Trend Micro. See article: https://www.neowin.net/news/new-ransomw ... verything/

I like the program with the speed it gets the information I need from my system. I have been using the program for several months, evaluating its use for deployment, however I can't do that with the propensity of users to click on links they should not. I can't risk compromising our network systems by some idiot that needs to check out some link to a "package" that can't be delivered.

As this article is three months old, has this issue been reported, and is there any movement of fixing the issue?
therube
Posts: 4967
Joined: Thu Sep 03, 2009 6:48 pm

Re: Ransomware Attack Vector

Post by therube »

FYI:New Mimic ransomware abuses ‘Everything’ Windows search tool

Also note that the malware is not "using" the Everything you have on your computer, but rather using Everything functionality in its' malware which happens to include Everything.dll [which is available to all]. And even if Everything.dll were not available or didn't even exist, there are other means to the same end, just not as efficient.
gablearcade
Posts: 2
Joined: Tue Apr 11, 2023 4:08 pm

Re: Ransomware Attack Vector

Post by gablearcade »

Thanks. I tried looking through the General forum, but it appears I did not go back far enough. Glad to see the issue has already been noted. Hopefully a way to block the ransomware can be found.
ChrisGreaves
Posts: 684
Joined: Wed Jan 05, 2022 9:29 pm

Re: Ransomware Attack Vector

Post by ChrisGreaves »

I note too that "Mimic ransomware attacks begin with the victim receiving an executable, presumably via email, ..." which in human terms means that the ransomware targets people who click on an executable that they receive by email.
That is, the target is humans who blindly click on anything that "might be interesting"

Cheers, Chris
void
Developer
Posts: 16698
Joined: Fri Oct 16, 2009 11:31 pm

Re: Ransomware Attack Vector

Post by void »

Everything is not being used as an attack vector.

The attacker is installing Everything on an already infected PC.
Post Reply