An Indian software company, Nucleus Software Exports, has recently been struck with what appears to be EpsilonRed ransomware. The attack occurred on May 30th and caused significant damage to certain systems while also encrypting data. A portion of a statement made to financial regulators read, “So far as sensitive data is concerned, we’d like to assure our customers that there is NO financial data of any customer available/stored with us and therefore the question of any leakage or loss of client data does not arise.” The actors behind EpsilonRed typically target unpatched Exchange servers, and while Nucleus has not confirmed that this was the point of entry for the attack, the team at Sophos believes so. The good news is that the EpsilonRed ransomware is relatively new, so an Emsisoft malware analyst says files can possibly be recovered without paying the ransom, under certain conditions.