FBI Warning: HelloKitty Provides DDoS for Fast Extortion | Cyware Alerts

The FBI is warning private industry partners about the HelloKitty ransomware group (aka FiveHands/DeathRansom). The group is now using Distributed Denial-of-Service (DDoS) attacks as an extortion tactic.

What’s new?

The FBI warned that the HelloKitty ransomware group, which is known for encrypting victims’ data and demanding a ransom, is now taking down victims’ websites with DDoS attacks if they do not agree to pay the ransom.
  • The ransomware group demands a varying amount of ransom from each victim, based on their ability to pay.
  • If no ransom is paid, the victim's data is posted to the Babuk site (payload[.]bin) or sold to a third-party data broker.
  • The operators use several techniques to breach their targets’ networks. These techniques include compromised credentials and patched security flaws in SonicWall products (e.g., CVE-2021-20016, CVE-2021-20022, CVE-2021-20021, and CVE-2021-2002).

Additional details

  • The FBI shared a set of Indicators of Compromise (IOCs) in its alert to help organizations stay protected from this threat.
  • HelloKitty increased its activity in July and August, just after it started using the Linux variant in attacks to target VMware’s ESXi virtual machine platform.
  • In February, the group had breached and encrypted the systems of CD Projekt Red.


The alert for HelloKitty ransomware is a serious notice, and organizations should apply the recommended mitigations as soon as possible. These mitigations include backing up critical data offline and regularly updating the software and operating systems in use. Additionally, it is recommended to install antimalware defenses and always keep them updated.
