Key Group: another ransomware group using leaked builders

Kaspersky experts studied the activity of Key Group, which utilizes publicly available builders for ransomware and wipers, as well as GitHub and Telegram. Continue reading Key Group: another ransomware group using leaked builders

Mallox ransomware: in-depth analysis and evolution

In this report, we provide an in-depth analysis of the Mallox ransomware, its evolution, ransom strategy, encryption scheme, etc. Continue reading Mallox ransomware: in-depth analysis and evolution

Malvertising Attack Drops BlackCat Ransomware via Fake Search Results

By Waqas
Happeneing through Google Search, hackers use a malicious ISO archive to distribute files that direct users to fake download pages of popular business applications. 
This is a post from HackRead.com Read the original post: Malvertising Attack … Continue reading Malvertising Attack Drops BlackCat Ransomware via Fake Search Results

Ransomware gang Conti has already bounced back from damage caused by chat leaks, experts say

A Twitter account known as ContiLeaks debuted to much fanfare in late February, with people around the globe watching as tens of thousands of leaked chats between members of the Russia-based ransomware gang Conti hit the web. In the days after the leaks, many celebrated what they thought would be a devastating blow to Conti, which a Ukrainian security researcher had apparently punished by leaking the internal chats because the gang threatened to “strike back” at any entities that organized “any war activities against Russia.” But ten days after the leaks began, Conti appears to be thriving. Experts say the notorious ransomware gang has pivoted all too easily, replacing much of the infrastructure that was exposed in the leaks while moving quickly to hit new targets with ransom demands. According to Vitali Kremez, CEO of the cybersecurity firm AdvIntel, by Monday morning Conti had successfully completed two new data breaches at […]

The post Ransomware gang Conti has already bounced back from damage caused by chat leaks, experts say appeared first on CyberScoop.

Continue reading Ransomware gang Conti has already bounced back from damage caused by chat leaks, experts say

Unpacking the rise of BlackCat ransomware: High victim count, high payouts, customized features

Despite being a relative newcomer, the BlackCat ransomware family is moving up the list of the most prolific operators in the space, according to a report from Palo Alto Network’s Unit 42 threat intelligence unit. The group’s latest report, published Thursday and first reported by CyberScoop, found that as of December 2021, BlackCat has the seventh-most victims among all ransomware groups Unit 42 tracks, a remarkable feat considering that BlackCat initially garnered notice in mid-November 2021. “This highlights a worrying trend that newcomers (or reformed groups) can attack many victims in a short space of time,” the researchers wrote. BlackCat is a typical ransomware group in some ways, but has novel aspects that Unit 42 analyzed. Its ransomware is written in Rust, a computer coding language growing in popularity for its web application benefits, memory management and efficiency. Rust has been used in malware in the past, but BlackCat might be the […]

The post Unpacking the rise of BlackCat ransomware: High victim count, high payouts, customized features appeared first on CyberScoop.

Continue reading Unpacking the rise of BlackCat ransomware: High victim count, high payouts, customized features

BlackMatter ransomware gang is reportedly quitting operation

By Waqas
BlackMatter ransomware gang, which is believed to be a rebrand of DarkSide, has decided to end the project, giving in to the pressures of the local law enforcement authorities.
This is a post from HackRead.com Read the original post: BlackMatt… Continue reading BlackMatter ransomware gang is reportedly quitting operation

REvil ransomware attack against MSPs and its clients around the world

An attack perpetrated by REvil aka Sodinokibi ransomware gang against Managed Service Providers (MSPs) and their clients was discovered on July 2. Some of the victims reportedly have been compromised a popular MSP software which led to encryption of their customers. Continue reading REvil ransomware attack against MSPs and its clients around the world

Evolution of JSWorm ransomware

There are times when a single ransomware family has evolved from a mass-scale operation to a highly targeted threat – all in the span of two years. In this post we want to talk about one of those families, named JSWorm. Continue reading Evolution of JSWorm ransomware