Erebus

Description

(Trend Micro) Erebus ransomware (RANSOM_EREBUS.A) first emerged last September 2016 being distributed by malvertisements (malicious advertisements). The malicious ads diverted victims to the Rig exploit kit, which infects the victim’s systems with the ransomware. This Erebus variant targets 423 file types, scrambles files with RSA-2048 encryption algorithm, and appends the affected files with the .ecrypt extension. This version of Erebus was observed using compromised websites in South Korea as its command and control (C&C) servers.

Names

Name
Erebus

Type

Ransomware

Information

https://www.trendmicro.com/vinfo/us/security/news/cyber-attacks/erebus-linux-ransomware-impact-to-servers-and-countermeasures
https://blog.trendmicro.com/trendlabs-security-intelligence/erebus-resurfaces-as-linux-ransomware/
https://www.bleepingcomputer.com/news/security/erebus-ransomware-utilizes-a-uac-bypass-and-request-a-90-ransom-payment/

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/elf.erebus
https://malpedia.caad.fkie.fraunhofer.de/details/win.erebus

Alienvault Otx

https://otx.alienvault.com/browse/pulses?q=tag:erebus

Other Information

Uuid

2436d99d-14a6-427a-839b-856c5f3d902c

Last Card Change

2020-05-13

Threat Intelligence Garden

Explorer

Erebus

Erebus

Description

Names

Category

Type

Information

Malpedia

Alienvault Otx

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks