As ransomware gangs attempt to boost their illicit profits, the RagnarLocker ransomware gang has brought a new tactic to bear: installing a full virtual machine on victims' systems to hide their crypto-locking malware while it forcibly encrypts files, security firm Sophos warns.
More ransomware-wielding gangs are not just crypto-locking victims' systems, but also stealing and threatening to leak data unless they get their demanded bitcoin ransom payoff. A growing number of security experts believe the strategy is leading more victims to pay.
Many attackers continue to camp out in networks for months, conducting reconnaissance and stealing sensitive data before unleashing ransomware. Experts say many recent efforts trace to gangs wielding the RobbinHood, Valet Loader, NetWalker, PonyFinal, Maze and Sodinokibi strains of crypto-locking malware.
As the COVID-19 outbreak has intensified, so too has cybercrime, including ransomware, Interpol, the international crime-fighting agency, warns. Despite some gangs claiming to no longer be targeting healthcare organizations, experts have seen "no abatement, empathy or free decryptor" from any of them.
With the declaration of COVID-19 as a pandemic, and the global shift to work from home, Tom Kellermann of VMware Carbon Black sees a corresponding increase in hacking and espionage attempts against U.S. agencies, businesses and citizens. He says add "digital distancing" to your precautions.
As sophisticated malware continues to evade existing detection tools and
processes, security teams must adopt new technologies and use them to deploy
new detection, hunt, and response capabilities.
Security teams looking to improve
threat intelligence, hunting, analysis, and rapid response capabilities...
Ekans, a recently discovered ransomware variant that's designed to target industrial control systems, appears to have some of the same characteristics found in Megacortex, malware that struck several high-profile targets in 2019, according to the security firm Dragos.
The intellectual property, including research results, of biotechnology companies and other medical organizations is increasingly a target for hackers, who sometimes dump data on hacker forums or public websites. That's why breach detection and prevention is even more critical.
More bad news for ransomware victims: Anyone hit with crypto-locking DoppelPaymer malware now faces the prospect of having their personal data dumped on a darknet site unless they pay a ransom. The gang's move follows in the footsteps of Maze, Sodinokibi (aka REvil) and Nemty ransomware operators.
While run-of-the-mill ransomware attacks continue, some crypto-locking malware gangs are bringing more advanced hacking skills to bear against targets, seeking the maximum possible payout, says cybersecurity expert Jake Williams of Rendition Infosec, who dubs the trend "ransomware 2.0."
Attacks tied to Shade ransomware continue to surge as part of an overall resurgence in ransomware, security researchers warn. Other malware trends include stealthy ways to sneak malicious code onto systems - including JavaScript and zipped attachments - as well as the continuing use of exploit kits.
With all of the tools deployed for
endpoint detection and response,
enterprises today are often overwhelmed
by threat intelligence, says J.J. Thompson
of Sophos. To alleviate "analysis
paralysis," Sophos has launched its
Managed Threat Response service.
Download this eBook to learn more about:
The evolution of...
Many ransomware-wielding attackers continue to hack into organizations via remote desktop protocol. But some Sodinokibi ransomware-as-a-service affiliates have shifted instead to targeting victims via botnets, saying hackers' use of RDP exploits has grown too common.
The larger, underlying problem facing security teams is the general lack of visibility and context across all internal files and objects that enter and then move about, stay resident, and or leave their corporate environments.
Download this whitepaper to learn how having more visibility and greater understanding of...
With all of the tools deployed for endpoint detection and response, enterprises today are often overwhelmed by threat intelligence, says J.J. Thompson of Sophos. To alleviate "analysis paralysis," Sophos has just launched its Managed Threat Response service. Thompson details its offerings.With all of the tools...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing ransomware.databreachtoday.com, you agree to our use of cookies.
