Ransomware Archives - GBHackers Security | #1 Globally Trusted Cyber Security News Platform
https://gbhackers.com/category/ransome/
GBhackers Offering Exclusive Cyber Security News Coverage, New Research papers & Technology Updates.
Wed, 06 Nov 2024 12:30:22 +0000

Rise Of Ransomware-As-A-Service Leads To Decline Of Custom Tools https://gbhackers.com/ransomware-as-a-service-decline-custom-tools/ https://gbhackers.com/ransomware-as-a-service-decline-custom-tools/#respond Wed, 06 Nov 2024 12:30:21 +0000 https://gbhackers.com/?p=114576 Ransomware-as-a-Service (RaaS) platforms have revolutionized the ransomware market. Unlike traditional standalone ransomware sales, RaaS offers a subscription-based model where attackers can access pre-built ransomware tools and infrastructure without significant upfront costs. These platforms provide user-friendly dashboards, customization options, and ongoing support, lowering the barrier of entry for cybercriminals, which has made ransomware attacks more accessible […]

The post Rise Of Ransomware-As-A-Service Leads To Decline Of Custom Tools appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A Massive Hacking Toolkit From “You Dun” Threat Group Developed To Launch Massive Cyber Attack https://gbhackers.com/you-dun-hacking-toolkit-attack/ https://gbhackers.com/you-dun-hacking-toolkit-attack/#respond Mon, 04 Nov 2024 11:58:04 +0000 https://gbhackers.com/?p=114246 The “You Dun” hacking group exploited vulnerable Zhiyuan OA software using SQL injection, leveraging tools like WebLogicScan, Vulmap, and Xray for reconnaissance. They further escalated privileges on compromised hosts with tools like traitor and CDK. An active Cobalt Strike server was leaked, revealing its use in various cyberattacks, including ransomware deployment (LockBit 3) and data theft. The […]

The post A Massive Hacking Toolkit From “You Dun” Threat Group Developed To Launch Massive Cyber Attack appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Embargo Ransomware Actors Abuses Safe Mode To Disable Security Solutions https://gbhackers.com/embargo-ransomware-safe-mode-exploit/ https://gbhackers.com/embargo-ransomware-safe-mode-exploit/#respond Mon, 04 Nov 2024 11:50:52 +0000 https://gbhackers.com/?p=113978 In July 2024, the ransomware group Embargo targeted US companies using the malicious loader MDeployer and EDR killer MS4Killer. MDeployer deployed MS4Killer, which disabled security products, before executing the Embargo ransomware.  The ransomware encrypted files with a random six-letter extension and dropped a ransom note, while Embargo, operating as a RaaS provider, used double extortion […]

The post Embargo Ransomware Actors Abuses Safe Mode To Disable Security Solutions appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Hackers Use Fog Ransomware To Attack SonicWall VPNs And Breach Corporate Networks https://gbhackers.com/fog-ransomware-sonicwall-vpn-attack/ https://gbhackers.com/fog-ransomware-sonicwall-vpn-attack/#respond Tue, 29 Oct 2024 13:09:21 +0000 https://gbhackers.com/?p=114184 Recent cyberattacks involving Akira and Fog threat actors have targeted various industries, exploiting a vulnerability (CVE-2024-40766) in SonicWall SSL VPN devices. Early in the kill chain, these attacks leverage malicious VPN logins from VPS-hosted IP addresses. The rapid escalation from initial access to ransomware encryption, often within the same day, highlights the urgency […]

The post Hackers Use Fog Ransomware To Attack SonicWall VPNs And Breach Corporate Networks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Four Evil Ransomware Operators Sentenced For Hacking Enterprises https://gbhackers.com/four-evil-ransomware-operators-sentenced/ https://gbhackers.com/four-evil-ransomware-operators-sentenced/#respond Mon, 28 Oct 2024 06:09:11 +0000 https://gbhackers.com/?p=114173 The St. Petersburg Garrison Military Court has sentenced four individuals involved in a notorious ransomware operation. Artem Zayets, Aleksey Malozemov, Daniil Puzyrevsky, and Ruslan Khansvyarov have been found guilty of illegally circulating means of payment. Puzyrevsky and Khansvyarov were also charged with using and distributing malicious software. This verdict marks a significant step in the […]

The post Four Evil Ransomware Operators Sentenced For Hacking Enterprises appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Dark Angels Ransomware Attacking Windows And Linux/ESXi Systems https://gbhackers.com/dark-angels-ransomware-attack/ https://gbhackers.com/dark-angels-ransomware-attack/#respond Wed, 09 Oct 2024 11:15:23 +0000 https://gbhackers.com/?p=113285 The sophisticated ransomware group Dark Angels, active since 2022, targets large companies for substantial ransom payments by employing third-party ransomware payloads like Babuk, RTM Locker, and RagnarLocker to encrypt files on Windows and Linux systems.  It employs ransomware in a strategic manner, taking into account the potential impact of file encryption, in order to minimize […]

The post Dark Angels Ransomware Attacking Windows And Linux/ESXi Systems appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Prince Ransomware Hits UK and US via Royal Mail Phishing Scam https://gbhackers.com/prince-ransomware-hits-uk-us/ https://gbhackers.com/prince-ransomware-hits-uk-us/#respond Fri, 04 Oct 2024 08:51:31 +0000 https://gbhackers.com/?p=113071 A new ransomware campaign targeting individuals and organizations in the UK and the US has been identified. The attack, known as the “Prince Ransomware,” utilizes a phishing scam that impersonates the British postal carrier Royal Mail. This campaign highlights the growing sophistication of cyber threats and the need for heightened vigilance among internet users. The […]

The post Prince Ransomware Hits UK and US via Royal Mail Phishing Scam appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

RansomHub Ransomware Using Multiple Techniques To Disable EDR And Antivirus https://gbhackers.com/ransomhub-ransomware-edr-bypass/ https://gbhackers.com/ransomhub-ransomware-edr-bypass/#respond Thu, 26 Sep 2024 09:15:38 +0000 https://gbhackers.com/?p=112486 The RansomHub ransomware group, tracked as Water Bakunawa, employs targeted spear-phishing to exploit the Zerologon vulnerability, gaining unauthorized access to networks. It affects various industries and critical infrastructure sectors and demands ransom payments for data release. The group’s recent integration of EDRKillShifter, a tool designed to evade detection and disrupt security processes, poses a […]

The post RansomHub Ransomware Using Multiple Techniques To Disable EDR And Antivirus appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

New Mallox Ransomware Linux Variant Attacking Enterprise Linux Servers https://gbhackers.com/mallox-llinux-ransomware-attacks/ https://gbhackers.com/mallox-llinux-ransomware-attacks/#respond Thu, 26 Sep 2024 09:00:15 +0000 https://gbhackers.com/?p=112555 Kryptina RaaS, a free and open-source RaaS platform for Linux, initially struggled to attract attention. Still, after a Mallox affiliate’s staging server was leaked in May 2024, Kryptina’s modified version, branded Mallox v1.0, gained prominence.  The research examines the data exposed in the leak, highlighting differences between the original Kryptina RaaS (v2.2) and Mallox v1.0 […]

The post New Mallox Ransomware Linux Variant Attacking Enterprise Linux Servers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

TWELVE Threat Attacks Windows To Encrypt Then Deleting Victims’ Data https://gbhackers.com/twelve-windows-encrypt-delete/ https://gbhackers.com/twelve-windows-encrypt-delete/#respond Thu, 26 Sep 2024 08:48:31 +0000 https://gbhackers.com/?p=112492 The threat actor, formed in 2023, specializes in ransomware attacks targeting Russian government organizations. It encrypts and deletes victim data, exfiltrates sensitive information, and aims to inflict maximum damage on critical assets. The threat actor likely scans IP address ranges in Russia to identify VPN servers and applications accessible from the internet that could serve […]

The post TWELVE Threat Attacks Windows To Encrypt Then Deleting Victims’ Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
