Sophos Rapid Response Team detects new Buer malware. Rapid intervention by specialist teams can protect companies from major damage from cyber attacks.
After Sophos officially went live with its Rapid Response Service at the end of October 2020, the security specialists exposed the first known use of the Buer malware dropper to smuggle in ransomware. Sophos Rapid Response made this discovery while defusing a Ryuk ransomware attack that is part of a wave of Ryuk attacks using new tools and techniques. In this incident, the attackers used a new variant of Buer to launch the Ryuk ransomware. The criminals then stepped up their attack by combining Buer with other types of loader malware.
Buer Loader's Malware-as-a-Service
Only recently, in the white paper "Hacks for Sale: Inside Buer Loader's Malware-as-a-Service", Sophos described how dangerous the Buer malware dropper is and how it compromises Windows PCs in order to inject malware.
“It is becoming increasingly apparent that time is of the essence in an attack. The attackers are creative and use multiple techniques to smuggle their malware into the company. Once the malware is in the company, literally every minute counts between the initial compromise and neutralization of the attack,” said Joe Levy, Chief Technology Officer at Sophos. “Advanced attacks can bring a business to a standstill quickly. IT managers who have witnessed a ransomware attack in person know this all too well. Sophos Rapid Response can be of tremendous help in preventing or limiting the damage caused by attacks. The service stops the attack and takes over the necessary complex and time-consuming processes.”
About Sophos
More than 100 million users in 150 countries trust Sophos. We offer the best protection against complex IT threats and data loss. Our comprehensive security solutions are easy to deploy, use and manage. They offer the lowest total cost of ownership in the industry. Sophos offers award-winning encryption solutions, security solutions for endpoints, networks, mobile devices, email and the web. In addition, there is support from SophosLabs, our own worldwide network of analysis centers. The Sophos headquarters are in Boston, USA and Oxford, UK.