Server software poses soft target for ransomware
An alternate method for infecting computers with ransomware signals a shift in tactics by cybercriminals that could put businesses at greater risk, according to Symantec.
A type of ransomware called Samsam has been infecting organizations but is not installed in the usual way.
“Samsam is another variant in a growing number of variants of ransomware, but what sets it apart from other ransomware is how it reaches its intended targets by way of unpatched server-side software,” Symantec wrote.
The perpetrators behind Samsam use a legitimate penetration tool called Jexboss to exploit servers running Red Hat’s JBoss enterprise application server.