Summary Of The Attack
- Microsoft DCU partnered with other security companies to conduct a takedown of the botnet running ZLoader malware.
- Using threat intelligence, data science, reverse engineering, and cooperation, the task force captured over 300 domains registered for the botnet.
- ZLoader originated as a trojan, but it has evolved into a Ransomware-as-a-Service platform.
- ZLoader is the primary distributor of the Ryuk healthcare ransomware.
What Happened?
On April 13, 2022, Microsoft announced that its Digital Crimes Unit (DCU), in a joint effort with ESET, Black Lotus Labs, Palo Alto Networks, HealthISAC, and Financial Services-ISAC, had successfully disrupted the botnet distributing the ZLoader trojan.