A cybercriminal gang's spree over the Fourth of July weekend ended up infecting more than 1,500 organizations around the world with ransomware, according to the cybersecurity company Huntress. But it's not the number of victims that's keeping experts up at night. The gang used a level of planning and sophistication closer to high-level, government-backed hackers, rather than a mere criminal operation, they say.

The hackers behind the spree, the Russian-speaking ransomware gang REvil, adopted two new tactics previously not used by the ransomware gangs that continually hack targets around the world, but particularly in the U.S.

Most concerning is that they even deployed a zero-day, a cybersecurity term for a vulnerability in a program that software developers aren't aware of and thus haven't had time to fix.

And they didn't target a single victim, but rather a company with a small but key role in the internet ecosystem. This gave them access to potentially tens or hundreds of thousands of victims.

"What we're seeing here is the tactics of more sophisticated adversaries, like nation-states, trickling down toward these less sophisticated, more financially motivated criminal ransomware groups," said Jack Cable, a researcher at the Krebs Stamos Group, a cybersecurity consultancy.

REvil, likely best known for hacking JBS, one of the world's largest international meat suppliers, has been active since at least early 2019. Like a number of other Russian-speaking ransomware gangs, REvil has made a fortune in recent years by hacking individual organizations, locking their computers, stealing their files and demanding a payment to fix things and not leak what they stole.

REvil has previously dabbled in deploying its ransomware through a so-called supply chain attack, which exploits how interconnected internet services are.