Early indications point to Sandworm hacking group for global ransomware attack
The main suspect behind the recent global ransomware attack is a hacking group with suspected ties to Russia and a history of launching destructive computer viruses, according to research conducted by Czech cybersecurity firm ESET. The company has pegged the attack to a group known as Telebots or Sandworm. “The TeleBots group continues to evolve in order to conduct disruptive attacks against Ukraine. Instead of spearphishing emails with documents containing malicious macros, they used a more sophisticated scheme known as a supply-chain attack,” writes Anton Cherepanov, a senior malware researcher with ESET, in a blog post. “The latest outbreak was directed against businesses in Ukraine, but they apparently underestimated the malware’ spreading capabilities.” While the spread of so-called PetrWrap or NotPetya turned into global news as thousands of computers were locked down by the virus, the incident plays into a larger and already established narrative of hackers repeatedly using wiper malware and defunct ransomware, […]
The post Early indications point to Sandworm hacking group for global ransomware attack appeared first on Cyberscoop.
Continue reading Early indications point to Sandworm hacking group for global ransomware attack