Scores of US Critical Infrastructure Firms Hit by Ransomware

March 8, 2022

A prolific ransomware variant has compromised at least 52 critical national infrastructure (CNI) entities, a new FBI report has revealed.

In a new Flash update, the Feds said that organizations in 10 CNI sectors had been affected as of January this year, including manufacturing, energy, financial services, government and IT.

Whilst the group has improved its tactics, techniques and procedures (TTPs) to stay hidden over the past two years, the FBI said attackers frequently use VMProtect, UPX and custom packing algorithms and deploy a customized Windows XP virtual machine on the victim’s site.

“RagnarLocker iterates through all running services and terminates services commonly used by managed service providers to remotely administer networks. The malware then attempts to silently delete all Volume Shadow Copies, preventing user recovery of encrypted files,” the report stated.

“Lastly, RagnarLocker encrypts all available files of interest. Instead of choosing which files to encrypt, RagnarLocker chooses which folders it will not encrypt. Taking this approach allows the computer to continue to operate ‘normally’ while the malware encrypts files with known and unknown extensions containing data of value to the victim.”

While the FBI first became aware of RagnarLocker in April 2020, the first known attacks date back to late 2019. During that time, the group and its affiliates have compromised a range of organizations, from beverage giant Campari Group to energy firm EDP and French transport multinational CMA CGM.

The number of CNI organizations compromised by the group will be especially concerning in light of the escalating geopolitical tensions between Russia and the US over the former’s invasion of Ukraine.

The RagnarLocker variant checks the location of the target machine, and those in mostly former Soviet countries are spared infection, hinting at the origin of the group.


Some parts of this article are sourced from:
www.infosecurity-journal.com
