Lord777
Professional
- Messages
- 2,577
- Reaction score
- 1,563
- Points
- 113
Internal management information becomes a key asset in the hands of a new group of hackers.
The company F. A. C. C. T. recorded the activity of a new group of cybercriminals calling themselves "Werewolves". Since June of this year, they have been carrying out targeted attacks on Russian enterprises, demanding ransom for decryption and non-proliferation of confidential data. Buyout amounts range from $ 130,000 to $ 1 million, the last of which is the price for information about the internal processes and management of target organizations.
In recent months, starting in May, 21 companies have been hit, most of which are based in Russia. Among the victims are microfinance institutions, representatives of the oil and gas industry, the hotel business and the IT sector. The problem was particularly acute in September and October, when attacks on 11 Russian companies were registered.
Criminals are not limited to extortion alone. They also publish data about those who refuse to pay on a specialized DLS website available in Russian and English. These publications contain criticism of the victims information security, which further increases the pressure.
As a tool for attacks, a modified version of the well-known LockBit3 (Black) ransomware virus is used, as well as tools that previously belonged to the Conti criminal group, known for its large-scale attacks.
In addition, "Werewolves" actively seek cooperation with insiders inside the attacked companies, offering large sums for providing compromising information. This indicates a new level of threat, when the company's internal resources can be used against it.
Industry experts note that the tactics and methods of "Werewolves" distinguish them from other cybercrime groups, indicating the desire to attract attention and create a certain image in the hacker environment.
The company F. A. C. C. T. recorded the activity of a new group of cybercriminals calling themselves "Werewolves". Since June of this year, they have been carrying out targeted attacks on Russian enterprises, demanding ransom for decryption and non-proliferation of confidential data. Buyout amounts range from $ 130,000 to $ 1 million, the last of which is the price for information about the internal processes and management of target organizations.
In recent months, starting in May, 21 companies have been hit, most of which are based in Russia. Among the victims are microfinance institutions, representatives of the oil and gas industry, the hotel business and the IT sector. The problem was particularly acute in September and October, when attacks on 11 Russian companies were registered.
Criminals are not limited to extortion alone. They also publish data about those who refuse to pay on a specialized DLS website available in Russian and English. These publications contain criticism of the victims information security, which further increases the pressure.
As a tool for attacks, a modified version of the well-known LockBit3 (Black) ransomware virus is used, as well as tools that previously belonged to the Conti criminal group, known for its large-scale attacks.
In addition, "Werewolves" actively seek cooperation with insiders inside the attacked companies, offering large sums for providing compromising information. This indicates a new level of threat, when the company's internal resources can be used against it.
Industry experts note that the tactics and methods of "Werewolves" distinguish them from other cybercrime groups, indicating the desire to attract attention and create a certain image in the hacker environment.
