Thursday, March 28, 2024

New Ransomware that Threatens Companies to Pay Ransom Within 3 days Else they Leak Data

The threat actor group behind new ransomware dubbed “Egregor” targets companies to steal sensitive data and then encrypt all the files.

Researchers from Appgate, discovered the ransomware, according to their code analysis the ransomware found to be the spinoff of the Sekhmet ransomware.

Egregor Ransomware Targets

The ransomware group targets companies worldwide including the global logistic company GEFCO, according to their advisory at least 13 different companies were infected.

The threat actors behind the ransomware hacking into companies network and steals the sensitive data, once the data exfiltrated they encrypt all the files.

According to the ransom note “if the ransom is not paid by the company within 3 days, and aside from leaking part of the stolen data, they will distribute via mass media where the company’s partners and clients will know that the company was attacked.”

The developers behind the ransomware followed many code obfuscation methods to pack the payloads and it will get decrypted only if the correct decryption key is provided.

Attackers follow this method to avoid manually or sandbox analysis, also the group has an “Egregor news” website, hosted on the deep web to leak stolen data.

“Egregors’ ransom note also says that aside from decrypting all the files in the event the company pays the ransom, they will also provide recommendations for securing the company’s network, “helping” them to avoid being breached again, acting as some sort of black hat pentest team.”

Ransomware attack is quite common nowadays since Malicious software spreading everywhere through various mediums. The cybercriminals that use it are looking to do one thing, extort your money.

You can also read the complete ransomware mitigation checklist

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity and hacking news updates.

Website

Latest articles

Wireshark 4.2.4 Released: What’s New!

Wireshark stands as the undisputed leader, offering unparalleled tools for troubleshooting, analysis, development, and...

Zoom Unveils AI-Powered All-In-One AI Work Workplace

Zoom has taken a monumental leap forward by introducing Zoom Workplace, an all-encompassing AI-powered...

iPhone Users Beware! Darcula Phishing Service Attacking Via iMessage

Phishing allows hackers to exploit human vulnerabilities and trick users into revealing sensitive information...

2 Chrome Zero-Days Exploited at Pwn2Own 2024: Patch Now

Google has announced a crucial update to its Chrome browser, addressing several vulnerabilities, including...

The Moon Malware Hacked 6,000 ASUS Routers in 72hours to Use for Proxy

Black Lotus Labs discovered a multi-year campaign by TheMoon malware targeting vulnerable routers and...

Hackers Actively Exploiting Ray AI Framework Flaw to Hack Thousands of Servers

A critical vulnerability in Ray, an open-source AI framework that is widely utilized across...

Chinese Hackers Attacking Southeast Asian Nations With Malware Packages

Cybersecurity researchers at Unit 42 have uncovered a sophisticated cyberespionage campaign orchestrated by two...
Guru baran
Guru baranhttps://gbhackers.com
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Mitigating Vulnerability Types & 0-day Threats

Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

Related Articles