Vanuit Oekraïne opererende ransomwaregroep opgerold

Politiediensten uit meerdere landen hebben een ransomwaregroep opgerold die vanuit Oekraïne actief was. De groep zou in 71 landen aanvallen hebben uitgevoerd, met ransomware als LockerGoga, MegaCortex, HIVE en Dharma. Bij de aanvallen maakte de groep gebruik van tools als TrickBot, bruteforce, sql-injection en phishingmails. Eenmaal in het netwerk werd de ransomware uitgerold. Dat zorgde volgens…

View On WordPress

Black Basta Ransomware Becomes Major Threat in Two Months

Black Basta Ransomware Becomes Major Threat in Two Months

Home › Cybercrime Black Basta Ransomware Becomes Major Threat in Two Months By Kevin Townsend on June 24, 2022 Tweet Security researchers have assessed the Black Basta ransomware threat level as HIGH, and the number of victims is still rising Black Basta ransomware has become a major new threat in just a couple months. Evidence suggests it was still in development in February 2022, and only…

View On WordPress

Now, a malware sample has surfaced that uses specific knowledge of control systems to target them with a far blunter, and more familiar, tactic: Kill the target's software processes, encrypt the underlying data, and hold it hostage.

Over the last month, researchers at security firms including Sentinel One and Dragos have puzzled over a piece of code called Snake or EKANS, which they now believe is specifically designed to target industrial control systems, the software and hardware used in everything from oil refineries to power grids to manufacturing facilities. Much like other ransomware, EKANS encrypts data and displays a note to victims demanding payment to release it; the name comes from a string it plants as a file marker on a victim computer to identify that its files have already been encrypted.

EKANS is actually the second ransomware to hit industrial control systems. According to Dragos, another ransomware strain known as Megacortex that first appeared last spring included all of the same industrial control system process-killing features, and may in fact be a predecessor to EKANS developed by the same hackers. But because Megacortex also terminated hundreds of other processes, its industrial-control-system targeted features went largely overlooked.

EKANS could signal that industrial hacking tactics are proliferating to common criminals.  "It implies an increasing willingness and ability of non-state actors to significantly impact or impair critical infrastructure entities," says Slowik. 

Nuova minaccia ransomware, prende il nome di MegaCortex si ispira a Matrix. http://bit.ly/2W3elNc

The Week in Ransomware - August 2nd 2019 - More of the Same

The Week in Ransomware – August 2nd 2019 – More of the Same

This week the biggest news was attackers breaking into Iomega NAS devices, wiping the drives, and then leaving ransom notes. It is not known if any users were able to recover their files after paying the ransom.

We also had a new Android ransomware that was using infected phones to spread itself other victims via SMS texts.

Otherwise, it has mostly been new variants of existing ransomware…

View On WordPress

New MegaCortex Ransomware Variant Changes Victims’ Windows Passwords

http://i.securitythinkingcap.com/RHkbF6

MegaCortex continues trend of targeted ransomware attacks

Source: https://blog.malwarebytes.com/threat-spotlight/2019/06/megacortex-continues-trend-of-targeted-ransomware-attacks/

Supply chain hacking campaign looks like espionage. Airstrikes versus hackers. FTC versus Facebook. Notes from the Global Cyber Innovation Summit. What’s up with MegaCortex.

Tracking a group that’s after the software supply chain. Israel adds airstrikes to the array of responses it’s prepared to make to hackers. The US Federal Trade Commission still doesn’t know how you solve a problem like Mark. Some more notes from last week’s Global Cyber Innovation Summit. Sophos has more details on MegaCortex, a new strain of ransomware. And criminal organizations organize and operate a lot like legitimate businesses. Joe Carrigan from JHU ISI with information on a remote code execution vulnerability affecting Dell systems. Guest is Blake Sobczak from E & E News on the recent electrical grid “cyber event”.

For links to all of today's stories check our our CyberWire daily news brief:

https://thecyberwire.com/issues/issues2019/May/CyberWire_2019_05_06.html 

<a href="https://www.patreon.com/thecyberwire" rel="payment">Support our show</a>

Check out this episode!

Free Decryptors Released for BianLian, MegaCortex Ransomware

Avast and Bitdefender have released decryptors to help victims of BianLian and MegaCortex ransomware recover their data for free. Written in Golang, BianLian emerged in August 2022 and has been used in targeted attacks against entertainment, healthcare, media, and manufacturing organizations. read morehttp://dlvr.it/Sh0sfY

View On WordPress

يقوم Bitdefender بإصدار برنامج MegaCortex ransomware المجاني

يقوم Bitdefender بإصدار برنامج MegaCortex ransomware المجاني

باختصار: أصدرت شركة الأمن السيبراني Bitdefender أداة جديدة لمساعدة ضحايا MegaCortex ransomware على فتح ملفاتهم ، وهي أخبار رائعة لأولئك الذين لديهم ملفات مغلقة منذ سنوات. ظهرت MegaCortex في عام 2019 كبرنامج فدية مصمم لهذا الغرض يستهدف شبكات الشركات التي تستخدم وحدات التحكم بالمجال للانتشار. وفقًا لـ The Malware Wiki ، قامت MegaCortex بتشفير ملفات المستخدم بتشفير AES. أشار ملف القراءة المصاحب…

View On WordPress

Ransomware decryption tool: Victims of MegaCortex can now unlock their files for free

Ransomware decryption tool: Victims of MegaCortex can now unlock their files for free

Image: Getty Victims of MegaCortex ransomware attacks can now decrypt their files without giving into the ransom demands of cyber criminals, thanks to a free decryption tool that’s been released following collaboration between cybersecurity researchers and police.  The MegaCortex ransomware decryptor was built by cybersecurity analysts at Bitdefender in cooperation with Europol, the No More…

View On WordPress

La industria de la seguridad responde con MegaCortex Decryptor

La industria de la seguridad responde con MegaCortex Decryptor

Las partes interesadas de la industria de la seguridad han vuelto a unir fuerzas para ofrecer a las víctimas de ransomware una forma de mitigar los peores impactos de un compromiso, con un nuevo descifrador para MegaCortex. Él nueva herramienta de descifrado permitirá a las víctimas de la variante recuperar sus archivos de forma gratuita. fue anunciado por BitdefenderAunque el proveedor de…

View On WordPress

Europol has arrested 12 hackers believed to be behind the LockerGoga, MegaCortex and Dharma #ransomware attacks, which targeted large companies and critical infrastructure with over 1,800 victims in 71 countries Read: https://t.co/uOK6FLIT7P #infosec #cybersecurity #hacking (via Twitter https://twitter.com/TheHackersNews/status/1454515919032512518)