Thursday, May 19, 2022

The Week in Ransomware – January 14th 2022

Today, the Russian authorities announced that they arrested fourteen members of the REvil ransomware gang on behalf of US authorities.

While the ransomware gang members are only being charged with “illegal circulation of means of payment,” the arrests are the first public action by Russia to stem the activities of ransomware gangs operating in the country.

Furthermore, Russia states that they took this action on behalf of US law enforcement, whom they have historically been reluctant to assist in criminal cybercrime investigations.

However, some threat actors believe that this is just Russia trying to appease the USA and that future law enforcement cooperation will not be common.

Ukrainian police also arrested members of a ransomware operation who encrypted at least fifty companies in the USA and Europe. However, the name of the ransomware gang has not been disclosed.

Other news this week is the discovery of a Linux encryptor for the AvosLocker ransomware operation that targets VMware ESXi, the Night Sky ransomware operation using Log4j attacks, TellYouThePass returning as a multi-platform Golang threat, and Magniber ransomware using signed APPX files to infect victims.

Contributors and those who provided new ransomware information and stories this week include: @fwosar, @BleepinComputer, @DanielGallagher, @PolarToffee, @malwrhunterteam, @demonslay335, @billtoulas, @jorntvdw, @serghei, @VK_Intel, @malwareforme, @struppigel, @LawrenceAbrams, @FourOctets, @Ionut_Ilascu, @Seifreed, @ahnlab, @CrowdStrike, @MsftSecIntel, @ChristiaanBeek, @fbgwls245, @Amigo_A_, @JakubKroustek, and @pcrisk.

January 8th 2022

New Wasp Ransomware

dnwls0719 found the new Wasp Ransomware that appends the .0.locked extension to encrypted files.


January 10th 2022

Linux version of AvosLocker ransomware targets VMware ESXi servers

AvosLocker is the latest ransomware gang that has added support for encrypting Linux systems to its recent malware variants, specifically targeting VMware ESXi virtual machines.

FinalSite: No school data stolen in ransomware attack behind website outages

FinalSite announced today the findings of a six-day investigation into last week’s ransomware attack, stating it found no evidence that schools’ data was accessed or stolen by hackers.

New STOP Ransomware variant

Jakub Kroustek found a new STOP ransomware variant that appends the .nqhd extension.

January 11th 2022

Night Sky ransomware uses Log4j bug to hack VMware Horizon servers

The Night Sky ransomware gang has started to exploit the critical CVE-2021-44228 vulnerability in the Log4j logging library, also known as Log4Shell, to gain access to VMware Horizon systems.

January 12th 2022

Magniber ransomware using signed APPX files to infect systems

The Magniber ransomware has been observed using Windows application package files (.APPX) signed with valid certificates to drop malware pretending to be Chrome and Edge web browser updates.

TellYouThePass ransomware returns as a cross-platform Golang threat

TellYouThePass ransomware has re-emerged as a Golang-compiled malware, making it easier to target more operating systems, macOS and Linux in particular.

School’s out as cyberattack forces APS to cancel classes

A cyberattack against Albuquerque Public Schools prompted the state’s largest district to cancel all classes districtwide on Thursday and possibly Friday.

New STOP ransomware variant

PCrisk found a new STOP ransomware variant that appends the .zaqi extension to encrypted files.

January 13th 2022

Ukrainian police arrest ransomware gang that hit over 50 companies

Ukrainian police officers have arrested a ransomware affiliate group responsible for attacking at least 50 companies in the U.S. and Europe.

January 14th 2022

Russia arrests REvil ransomware gang members, seizes $6.6 million

The Federal Security Service (FSB) of the Russian Federation says that they shut down the REvil ransomware gang after U.S. authorities reported on the leader.

That’s it for this week! Hope everyone has a nice weekend!

