Ransomware
Zeppelin
First seen: 2019-11 • Status: active
Currently Active Threat
Zeppelin attacks hospitals and IT companies. The FBI recovered some decryption keys that can help victims.
Overview
Zeppelin evolved from VegaLocker and targets healthcare and IT. FBI released decryption keys for some victims.
Also Known As
Buran, VegaLocker
How It Spreads
- • RDP exploitation
- • Phishing
What It Does
- • File encryption
- • Healthcare targeting
Is your business exposed?
Target Platforms
Windows
Detection Tips
- • Check for FBI decryptor availability
MITRE ATT&CK Techniques
T1486, T1021
If You're Infected
- 1.
Contact FBI for possible decryption keys
Is your business exposed?
Check if your company data is circulating on the dark web
Free scan • No credit card required