CarderPlanet
Professional
- Messages
- 2,549
- Reaction score
- 724
- Points
- 113
The FBI spoke about a new trend in the cybercrime world.
The FBI has warned of a new trend in ransomware attacks, in which attackers are now using several types of ransomware to encrypt victims systems in just two days. The information was disclosed in a private notice to industry from the FBI, which was prompted by observed trends starting in July 2023.
The FBI has noticed cases of two separate ransomware variants being used in targeted attacks on organizations. The variants used in double attacks include AvosLocker, Diamond, Hive, Karakurt, LockBit, Quantum, and Royal .
This approach to using two ransomware variants resulted in a combination of data encryption, exfiltration, and financial losses due to ransomware. Previously, ransomware typically took at least 10 days to execute such attacks, but now the vast majority of ransomware incidents targeting the same victim occur within just 48 hours.
In one attack last year, a car supplier was hacked 3 times in 2 months by LockBit, Hive, and ALPHV/BlackCat groups. While the affected organization was busy restoring systems encrypted by LockBit and Hive after the first hack, the ALPHV/BlackCat group connected to previously compromised devices to steal data and encrypt files.
The FBI advises organizations to maintain close relationships with local FBI offices so that the agency can help identify vulnerabilities and mitigate potential threats. In addition, it is recommended to ensure the security of remote access (VNC, RDP) and other solutions, access to which should be restricted exclusively via VPN and provided only to accounts with strong passwords and multi-factor authentication (MFA).
The FBI has warned of a new trend in ransomware attacks, in which attackers are now using several types of ransomware to encrypt victims systems in just two days. The information was disclosed in a private notice to industry from the FBI, which was prompted by observed trends starting in July 2023.
The FBI has noticed cases of two separate ransomware variants being used in targeted attacks on organizations. The variants used in double attacks include AvosLocker, Diamond, Hive, Karakurt, LockBit, Quantum, and Royal .
This approach to using two ransomware variants resulted in a combination of data encryption, exfiltration, and financial losses due to ransomware. Previously, ransomware typically took at least 10 days to execute such attacks, but now the vast majority of ransomware incidents targeting the same victim occur within just 48 hours.
In one attack last year, a car supplier was hacked 3 times in 2 months by LockBit, Hive, and ALPHV/BlackCat groups. While the affected organization was busy restoring systems encrypted by LockBit and Hive after the first hack, the ALPHV/BlackCat group connected to previously compromised devices to steal data and encrypt files.
The FBI advises organizations to maintain close relationships with local FBI offices so that the agency can help identify vulnerabilities and mitigate potential threats. In addition, it is recommended to ensure the security of remote access (VNC, RDP) and other solutions, access to which should be restricted exclusively via VPN and provided only to accounts with strong passwords and multi-factor authentication (MFA).
