
Fog Ransomware (Linux) VS SentinelOne – Detection and Mitigation

Fog ransomware has emerged as a significant cyber threat, targeting both Windows and Linux systems since April 2024. In this video, we show how the SentinelOne Singularity XDR Platform detects and mitigates Fog ransomware.

Key Points About Fog Ransomware:

- Targeted Sectors: Include Education and Manufacturing
- Exploited Vulnerabilities: VPN and Backup-software weaknesses
- Primary Targets: Virtual machines and VMDK files
- Payload Control: Managed via JSON configuration files
- Credential Use: Observed in pre-payload deployment
- Encryption Focus: On-prem encryption with .FOG or .FLOCKED file extensions
- Communication: Victims use a TOR-based chat portal for ransom negotiations

