Displaying items by tag: DoppelPaymer

GUEST RESEARCH: Zscaler, the leader in cloud security, has released the findings of its annual ThreatLabz Ransomware Report, which revealed an 80% increase in ransomware attacks year-over-year. In 2022, the most prevalent ransomware trends include double-extortion, supply chain attacks, ransomware-as-a-service, ransomware rebranding, and geo-political incited ransomware attacks. The report analyses over a year's worth of data from the largest security cloud in the world, which processes more than 200 billion daily transactions and 150 million daily blocked attacks across the Zscaler Zero Trust Exchange. The report details which industries are being targeted the most by cybercriminals, explains the damage caused by double-extortion and supply chain attacks, and catalogs the most active ransomware groups operating today.

A ransomware gang has warned victims that any data that has been exfiltrated from their networks during attacks would be destroyed were they to contact companies to negotiate ransom payments.

Zscaler's latest ransomware report says manufacturing is the industry most targeted by double-extortion ransomware.

A branch of the global technology company Foxconn — known as Hon Hai Technology Group in its original domicile Taiwan — has been hit by a group using the Windows DoppelPaymer ransomware which has leaked a few company documents on the dark web.

Premier aircraft leasing asset manager SKY Leasing has been hit by a gang of cyber criminals using the Windows Avaddon ransomware and the attackers have leaked 20 files of the company's data on the dark web.

Security firm Intel 471 claims to have discovered a pattern in ransomware attacks over the past 18 months, with a growing inter-dependence between the actual attackers and those who sell access to compromised systems.

Attackers claim to have used the Windows DoppelPaymer ransomware to hit leading British television production company Endemol Shine and have published a few files from the company that they claim to have exfiltrated from its systems.

Taiwanese original design manufacturer Compal Electronics has suffered a cyber intrusion, with the attackers using the Windows DoppelPaymer ransomware to infiltrate the company's systems in an attack that was reported over the weekend.

The use of improperly secured Remote Desktop Protocol connections on Windows machines has been found to be the biggest entry point for ransomware, according to a quarterly evaluation by Coveware, a company that is intimately involved in handling such attacks.

Webroot has released its annual list of the Nastiest Malware, "revealing phishing, botnet attacks and ransomware as 2020’s most vicious cybersecurity threats".

The University of Newcastle in the UK has been hit by a gang using the Windows DoppelPaymer ransomware, with the institution saying it is investigating the attack that it had noticed on 6 September.

The actors behind the various Windows ransomware packages changed their tactics to prise money out of their victims' hands in October last year, but it remains to be seen whether their use of social pressure will be more profitable than methods used earlier, a researcher from global security firm Sophos has observed.

A company that used its engineering expertise to develop a ventilator in a month because it was needed in New York has fallen victim to a ransomware attack, with cyber criminals using the Windows DoppelPaymer ransomware to attack the company's infrastructure.

The website and email systems of Canada's Royal Military College in Kingston, Ontario, part of the country's National Defence department, have been taken offline following what has been said to be a ransomware attack, a report says.

Cyber criminals appear to have used two different Windows ransomware packages — DoppelPaymer and NetWalker — to attack the City of Knoxville in Tennessee and Trinity Metro, a regional transportation authority of the state of Texas, respectively, and, in a familiar ploy, released screenshots of documents stolen from the two organisations.

Cyber criminals using the DoppelPaymer ransomware that attacks Windows systems have hit Mitsubishi HiTec Paper Europe, a company based in Germany, which is a part of Tokyo-based Mitsubishi Paper Mills.