A novel ransomware campaign has been spotted targeting businesses in the transportation and logistics industries in Ukraine and Poland working with a previously unknown ransomware payload.
Dubbed “Prestige ranusomeware” by its creators, the malware was observed by the Microsoft Danger Intelligence Middle (MSTIC), concentrating on many businesses on Oct 11 in attacks occurring within an hour of every single other.
According to an advisory published by Microsoft final Friday, the marketing campaign experienced various notable functions that differentiate it from other ransomware ones tracked by the tech large.
Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).
➤ Get Mullvad VPN with 12% Discount
“The enterprise-wide deployment of ransomware is not common in Ukraine, and this exercise was not connected to any of the 94 at present active ransomware action groups that Microsoft tracks,” the company stated.
“The exercise shares victimology with latest Russian state-aligned activity, exclusively on afflicted geographies and nations around the world, and overlaps with prior victims of the FoxBlade malware (also known as Airtight Wiper).”
Even with these equivalent deployment techniques, however, Microsoft said the new marketing campaign is unique from modern destructive attacks leveraging AprilAxe or FoxBlade that have impacted critical infrastructure organizations in Ukraine above the previous two months.
“MSTIC has not nevertheless joined this ransomware marketing campaign to a acknowledged menace group and is continuing investigations. MSTIC is tracking this activity as DEV-0960,” the company wrote. Noticeably, Microsoft uses ‘DEV’ designations as a short-term identify for mysterious, emerging or developing clusters of danger exercise.
The tech large also verified it is continuing to check the Status campaign and is in the procedure of notifying shoppers impacted by DEV-0960 but not however ransomed.
“The threat landscape in Ukraine carries on to evolve, and wipers and harmful attacks have been a reliable concept,” Microsoft mentioned.
“Ransomware and wiper attacks depend on numerous of the exact same security weaknesses to succeed. As the problem evolves, businesses can adopt the hardening direction [here] to help develop extra strong defenses against these threats.”
To protect in opposition to this and other cyber-threats, Ukraine has a short while ago enhanced cooperation efforts with several European Union (EU) cybersecurity organizations.
Some parts of this post are sourced from:
www.infosecurity-magazine.com
Amazon Customers Receive Smishing Warning After Receiving Fake Texts