SentinelOne VS HelloKitty Ransomware – Protect Mode

HelloKitty is a low-sophistication ransomware family which emerged in late 2020. Most recently, this threat was used to target CD Projekt Red. HelloKitty attempts to terminate multiple services associated with MSSQL, IIS, Quickbooks, and others. While HelloKitty campaigns are highly-targeted, the payloads are non-stealth. Most of the behavioral system changes (task and service termination) are launched via CMD window, fully visible to the user. HelloKitty infections tend not to ‘dwell’ or ‘fly under the radar’ for any amount of time at all.

#Lazarus #sentinellabs #infosec #cybersecurity #cyberattack #cyber #hacking #NukeSped