This week has been brutal, not because many ransomware variants were released but because of a single ransomware campaign that affected thousands of people.
Last weekend started with a new infection called Nitro Ransomware that demanded a Discord Nitro gift code rather than cryptocurrency to decrypt files.
It got really busy, though, on Tuesday when a Qlocker ransomware attack began exploiting vulnerabilities in QNAP NAS storage devices to encrypt the devices’ files with the 7zip program.
This attack is the largest one this year in terms of people affected at once, ranging from business owners to consumers using their NAS devices to store family photos and movies.
While this attack has slowed down, we continue to see a steady trickle of new victims.
Contributors and those who provided new ransomware information and stories this week include: @LawrenceAbrams, @FourOctets, @serghei, @jorntvdw, @DanielGallagher, @VK_Intel, @struppigel, @malwrhunterteam, @fwosar, @demonslay335, @BleepinComputer, @malwareforme, @PolarToffee, @Ionut_Ilascu, @Seifreed, @campuscodi, @snlyngaas, @jackhcable, @vxunderground, @IntelAdvanced, @JakubKroustek, @fbgwls245, @chum1ng0, @PogoWasRight, @GrujaRS, @Amigo_A_, and @3xp0rtblog.
Recent attacks from Ryuk ransomware operators show that the actors have a new preference when it comes to gaining initial access to the victim network.
GrujaRS found a new Zeoticus 2.0 ransomware variant that appends the .pandora extension and drops a ransom note named .pandoraREADME.html.
3xp0rt found a post by Babuk Locker where they state they fixed bugs found in their ransomware.
In a novel approach to ransom demands, a new ransomware calling itself ‘NitroRansomware’ encrypts a victim’s files and then demands a Discord Nitro gift code to decrypt them.
dnwls0719 found a new Xorist ransomware variant that appends the .btCry_zip extension and drops a ransom note named HOW TO DECRYPT FILES.txt.
The REvil ransomware gang asked Apple to “buy back” stolen product blueprints to avoid having them leaked on REvil’s leak site before today’s Apple Spring Loaded event where the new iMac was introduced.
A massive ransomware campaign targeting QNAP devices worldwide is underway, and users are finding their files now stored in password-protected 7zip archives.
Jakub Kroustek found two new Dharma Ransomware variants that append the .2122 and .HPJ extensions.
dnwls0719 found a new Nefilim Ransomware variant that appends the .BENTLEY extension and drops a ransom note named BENTLEY-HELP.txt.
The operators of the Darkside ransomware are expanding their extortion tactics with a new technique aimed at companies that are listed on NASDAQ or other stock markets.
The hackers behind a nascent strain of ransomware hit a snag this week when a security researcher found a flaw in the payment system and, he says, helped victims save $27,000 in potential losses.