A notorious ransomware group has demanded more than half a billion dollars from victims in less than two years.
Read more in my article on the Hot for Security blog.
Category: BlackSuit
Recent reports have highlighted a disturbing trend: ransomware gangs are increasingly targeting the healthcare sector, leading to severe consequences such as blood shortages and the cancellation of emergency services. Alarmingly, a particular ransomware group has now accumulated a staggering $500 million—an amount comparable to the annual budget of a county or small island.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have issued a joint alert regarding BlackSuit ransomware gang’s latest ransom demand, which has reached an unprecedented $100 million. Initially, the gang demanded $60 million from a Fortune 500 company. If the payment, which must be made in cryptocurrency, is not met within the specified time frame, the demand will escalate to $100 million.
This pattern suggests that these cybercriminals could potentially amass substantial wealth by conducting successive attacks, which could be funneled into further criminal activities, wars, or the nuclear ambitions of some rogue leaders.
Notably, the ransom demand is not made immediately following an attack but is instead presented during the negotiation phase, after a secure connection has been established with the threat actor through an Onion browser.
Potential targets include commercial businesses, financial institutions, public health facilities, manufacturing firms, and certain government entities.
Cybersecurity Insiders readers should be aware that BlackSuit is a sophisticated criminal organization that evolved from the now-defunct Royal Ransomware. This gang primarily spreads its malware through phishing emails, and the malicious software can evade detection by conventional anti-malware solutions.
Law enforcement agencies strongly advise victims against paying any ransom. Instead, they encourage reporting incidents to cyber police agencies, as paying the ransom not only fuels criminal activities but also does not guarantee the provision of a decryption key.
The post Meet the ransomware gang that demands $500 million appeared first on Cybersecurity Insiders.
Recent developments in the world of cybersecurity highlight significant incidents involving ransomware attacks across various sectors.
One notable event involves Avast, a prominent antivirus software provider, stepping forward to offer free decryption keys to victims of the DoNex ransomware. Collaborating with law enforcement agencies, Avast aims to provide more decryption tools to assist ransomware victims in the future. Previously known as Muse ransomware, DoNex has rebranded itself as LockBit 3.0 or DarkRace and has been targeting public and private entities in the United States, Netherlands, and Italy.
In another incident, Monroe County faced a severe ransomware attack by the Russian hacking group BlackSuit. This attack has led to the lockdown of computer networks belonging to local courts and government offices for over a week. BlackSuit gained notoriety earlier for crippling the automotive sales industry in the United States by encrypting operational files of CDK Group, resulting in substantial financial losses.
Meanwhile, Veeam Backup & Replication software has become a new target for ransomware attacks, specifically by the Estate ransomware. Cybersecurity firm GroupIB discovered that hackers are exploiting vulnerabilities in Veeam software, notably CVE-2023-27532, to infiltrate user networks.
Lastly, Eldorado ransomware has emerged targeting both Windows and Linux systems. This group, purportedly linked to the Russian-speaking cybercriminal group LockBit, utilizes the Golang operating system for its malicious activities.
These incidents underscore the escalating threat posed by ransomware attacks globally, prompting increased vigilance and proactive measures among organizations and cybersecurity experts.
Lastly, any business that unfortunately becomes a victim to a cyber attack must report the incident to the law enforcement and related agencies. As this information share allows the authorities issued a cyber alert to other firms and organizations that can bolster their defenses against such ransomware attacks.
The post Latest Ransomware news trending on Google appeared first on Cybersecurity Insiders.
A ransomware attack by the BlackSuit gang against South Africa's National Health Laboratory Service (NHLS) has put lives at risk and created chaos for healthcare services across the country.
Read more in my article on the Hot for Security blog.
The East Central University (ECU) of Ada, Oklahoma, has revealed that a ransomware gang launched an attack against its systems that left some computers and servers encrypted and may have also seen sensitive information stolen.
Read more in my article on the Hot for Security blog.