Report: New Ransomware Variant Targeting Microsoft Exchange Servers

Health IT Security

Jessica Davis

Threat actors with likely ties to REvil ransomware are targeting and successfully exploiting vulnerabilities in Microsoft Exchange Servers with a new malware variant in cyberattacks against enterprise networks, according to a recent Sophos report.

Observed in attacks launched last week, the malware variant called Epsilon Red is written in Go programming language and deployed during the final executable payload of a human-operated cyberattack.

The ransomware variant is relatively simple but it’s attack features a host of steps and obfuscation techniques that could challenge IT teams with detection and remediation, including the use of PowerShell scripts in every early stage component.

“[Epsilon Red is] compiled using a tool called...

Get the Morning Update

Thanks for subscribing!