Recently malicious actors started using malvertising to spread BlackCat ransomware. They use cloned webpages of popular freeware applications, particularly WinSCP utility. Such downloads result in an infection chain, that consists of a dropper, a backdoor, and, finally, the ransomware. Operators Distributing Ransomware Disguised as WinSCP Researchers acknowledged that BlackCat operators were using malicious ads to… Continue reading BlackCat Ransomware Employs Malvertising In Targeted Attacks
Tag: Ransomware
8Base Ransomware Group On The Rise, Lists a Number of Victims
In June of this year, a new wave of cyber-attacks and extortion operations, organized by the criminal group 8Base, swept the world. Hackers use a double extortion method: they infect victims’ computers with a ransomware virus that blocks access to data, and then demand a ransom for their restoration. If the victim refuses to pay,… Continue reading 8Base Ransomware Group On The Rise, Lists a Number of Victims
WannaCry 3.0 Ransomware Aims At Enlisted Russian-speaking Players
A previously unknown payload of ransomware, that call itself WannaCry 3.0, targets Russian-speaking players of the Enlisted game. Hackers reportedly use a modified game installer and a spoofed official site to confuse unsuspecting users. You might also be interested in this article One Year of Russian-Ukrainian War in Cybersecurity, or this: Stabbed in the back:… Continue reading WannaCry 3.0 Ransomware Aims At Enlisted Russian-speaking Players
BlackCat Ransomware New Update Boosts Exfiltration Speed
BlackCat ransomware continues to make a fuss globally for the second year now, targeting various sectors. Most of the time, it goes to healthcare, government, education, manufacturing, and hospitality. The group constantly improves operations, automating data exfiltration and releasing new ransomware versions with upgraded capabilities. What is BlackCat Ransomware? The cybercriminals use ALPHV (BlackCat), a… Continue reading BlackCat Ransomware New Update Boosts Exfiltration Speed
Microsoft Researchers Link Clop Gang to MOVEit Transfer Attack
Microsoft has linked the Clop ransomware gang to a recent attack that uses a zero-day vulnerability in the MOVEit Transfer platform to steal data from organizations. The company’s Threat Intel team names Lace Tempest cybercrime gang as a key suspect in these attacks. Who are Lace Tempest hackers? Microsoft is attributing attacks that exploit the… Continue reading Microsoft Researchers Link Clop Gang to MOVEit Transfer Attack
Conti Ransomware Heritage in 2023 – What is Left?
Ransomware groups come and go, but the people behind them continue to use their hacking and extortion skills in new operations. For example, former members of the now-defunct Russian-language ransomware group Conti continue to conduct their dirty business under many other “sub-brands”. Conti Ransomware in a nutshell Conti ransomware, led by Russia-based threat actors, appeared… Continue reading Conti Ransomware Heritage in 2023 – What is Left?
Ransomware Attacks in 2023: What to Expect?
Cybersecurity experts have published a report on worrying ransomware statistics. A survey of 435 cybersecurity professionals identified gaps, misunderstandings, and obstacles regarding organizational security, preventing attacks, and eliminating extortion. Analysts conclude that most of these organizations will likely face a ransomware attack this year – simply because. What is ransomware? The name of this malware… Continue reading Ransomware Attacks in 2023: What to Expect?
Ransomware Attacks Decline in 2023 – Is It True?
According to ransomware attacks status statistics, the trend of incidents related to this type of malware will decline in 2023. But is this really the proper conclusion, or is it not all clear-cut? Today we will look at analysts’ opinions and determine why ransomware activity is decreasing. Some statistics According to the X-Force Threat Intelligence… Continue reading Ransomware Attacks Decline in 2023 – Is It True?
FIN7 Hack Group Resumed Activity, Linked to Clop Ransomware
Microsoft analysts report that last month the notorious hacker group FIN7 (also known as Carbanak, Navigator and others) resumed its activity. The researchers were able to link FIN7 to attacks whose ultimate goal was to deploy the Clop ransomware on victims’ networks. FIN7 Cybercrime Group Goes On Let me remind you that we also wrote… Continue reading FIN7 Hack Group Resumed Activity, Linked to Clop Ransomware
Fullerton India Hacked, LockBit Leaks 600GB of Data
Fullerton India, a large lending institution from India, appears to be hacked back in early April 2023. It is confirmed by the LockBit ransomware Darknet blog, where hackers listed the company, and now, over a month later, published all the leaked information. Fullerton, LockBit – who are they? Fullerton India Credit Company, or shortly Fullerton… Continue reading Fullerton India Hacked, LockBit Leaks 600GB of Data