Tag: Ransomware

SolidBit Ransomware Detection: Novel Variant Targets Users of Popular Video Games and Social Media Platforms
SolidBit Ransomware Detection: Novel Variant Targets Users of Popular Video Games and Social Media Platforms

Ransomware attacks have become a constantly growing trend in the cyber threat arena since 2020, which continues to be on the rise in 2021-2022. Cybersecurity researchers have recently uncovered a new SolidBit ransomware variant, which targets gamers and social media users. The novel malware strain is spotted in the wild, being uploaded to GitHub and […]

Read More
Gwisin Detection: Threat Actors Spread Gwisin Ransomware Targeting Korean Companies
Gwisin Detection: Threat Actors Spread Gwisin Ransomware Targeting Korean Companies

Gwisin ransomware targeting Korean companies in multiple industries is currently on the increase in the cyber threat arena. Attributed to the Korean-speaking threat actors, Gwisin ransomware is leveraged in targeted attacks at specific organizations rather than random individuals and does not perform malicious behaviors on its own, which makes its detection harder. The ransomware is […]

Read More
LockBit 3.0 Ransomware Attack Detection: Deploy Cobalt Strike Beacons Abusing Microsoft Defender
LockBit 3.0 Ransomware Attack Detection: Deploy Cobalt Strike Beacons Abusing Microsoft Defender

LockBit threat actors have been recently under the spotlight in the cyber domain. In July 2022, the hacking collective hit the headlines by introducing the first-ever bug bounty program launched by a ransomware gang. In the latest cyber-attacks, the notorious ransomware group applies Living-off-the-Land tools by abusing the legitimate Microsoft Defender’s command-line utility to deploy […]

Read More
BlackCat Ransomware Attacks: Threat Actors Use Brute Ratel and Cobalt Strike Beacons for Advanced Intrusions
BlackCat Ransomware Attacks: Threat Actors Use Brute Ratel and Cobalt Strike Beacons for Advanced Intrusions

Cybersecurity researchers have revealed a wave of new activity of the notorious BlackCat ransomware group deploying custom malware binaries for more sophisticated intrusions. In the latest attacks, threat actors have been leveraging Cobalt Strike beacons and a new penetration testing tool dubbed Brute Ratel, installing the latter as a Windows service on the compromised machines.  […]

Read More
H0lyGh0st Detection: New Ransomware Tied to North Korean APT
H0lyGh0st Detection: New Ransomware Tied to North Korean APT

New day, the headache for cyber defenders! Microsoft Threat Intelligence Center (MSTIC)  reports a new ransomware strain attacking small to middle-sized businesses across the globe since June 2021. Dubbed H0lyGh0st, the malware has been initially developed by an emerging North Korean APT tracked under the DEV-0530 moniker. The ransomware attacks are explicitly financially motivated, targeting […]

Read More
Maui Ransomware Detection: Novel Threat Targeting U.S. Healthcare and Public Health Sector
Maui Ransomware Detection: Novel Threat Targeting U.S. Healthcare and Public Health Sector

Brace yourself for the new ransomware threat! On July 6, 2022, the FBI, CISA, and the Department of Treasury issued a joint Cybersecurity Advisory (CSA) to warn about Maui ransomware actively leveraged by the North Korean APT group to target organizations in the U.S. healthcare and public health sectors. The attacks have been observed since […]

Read More
MedusaLocker Ransomware Detection: Federal Authorities Release a Joint CSA
MedusaLocker Ransomware Detection: Federal Authorities Release a Joint CSA

MedusaLocker ransomware first surfaced in September 2019 and has been impacting a wide range of industries and organizations, primarily in healthcare, ever since. Assuming how adversaries divide the ransom money, MedusaLocker appears to be run as a RaaS. Sources claimed that payments for ransomware seem to be divided between the affiliate and the developer, with […]

Read More
LockBit 3.0 Ransomware Detection: Operation Revamped
LockBit 3.0 Ransomware Detection: Operation Revamped

LockBit group returns, introducing a new strain of their ransomware, LockBit 3.0. Adversaries dubbed their latest release LockBit Black, enhancing it with new extortion tactics and introducing an option to pay in Zcash, adding to existing Bitcoin and Monero crypto payment options. This time, LockBit hackers are making the headlines by kicking off the first […]

Read More
GoodWill Ransomware Detection: New Malware Forces Its Victims to Pay Back to Society
GoodWill Ransomware Detection: New Malware Forces Its Victims to Pay Back to Society

A rather peculiar type of malware has recently hit the headlines. The new strain is dubbed GoodWill ransomware, and its novelty lies in the nature of the demands that victims have to fulfill to get the decryption key. The ransomware operators, claiming that they are “hungry for kindness”, expect their targets to support those in […]

Read More
YourCyanide Detection: New Self-Propagating Ransomware Variant
YourCyanide Detection: New Self-Propagating Ransomware Variant

New ransomware variant follows in the footsteps of the GonnaCope ransomware, the first strain in the family of CMD-based ransomware that first surfaced in April 2022. Other similar samples that were uploaded to VirusTotal in May 2022 are known as Kekpop and Kekware. The rising player is dubbed YourCyanide and presumably has all it takes […]

Read More