Cyber Security

FBI Warning: Ransomware Now Focusing on Time-Essential Occasions | Cyware Alerts

The FBI has issued a warning about ransomware teams concentrating on companies concerned in time-sensitive monetary occasions, corresponding to mergers and acquisitions, for his or her extortion makes an attempt.

What’s occurring?

It’s a well-known proven fact that vital occasions corresponding to bulletins, mergers, and acquisitions have excessive probabilities to have an effect on a company’s status in addition to inventory worth.

  • In an alert published by the FBI, the company claims that ransomware teams would use the monetary data obtained earlier than the assaults as leverage to drive the victims to conform to ransom calls for.
  • Within the preliminary reconnaissance section, the ransomware operators could search for personal and non-publicly out there delicate data to make use of throughout extortion.
  • As soon as contained in the community, ransomware operators time their try and to sync their extortion with such occasions to place extra strain on the victims when they’re in the midst of a deal.

Ransomware impacting the inventory worth 

Ransomware teams sending threatening to influence sufferer group inventory worth isn’t a brand new factor. This has been noticed up to now.

  • The DarkSide ransomware group had threatened to share insider particulars on companies buying and selling on NASDAQ or different inventory markets.
  • Final 12 months, the REvil group claimed to think about including an auto-email script that might attain inventory exchanges to allow them to know that companies are hit by ransomware and it could influence their inventory worth.


A number of ransomware teams are innovating with numerous ways in an try and put strain on their victims and extort ransom. Within the coming months, this tactic could also be adopted by different ransomware teams as effectively. Organizations are instructed to organize sufficient safety measures corresponding to taking frequent knowledge backups and implementing a sturdy patch administration system to face up to threatening ransomware assaults.

Source link

Cyber Security

FBI Warning: HelloKitty Provides DDoS for Fast Extortion | Cyware Alerts

The FBI is warning personal trade companions concerning the HelloKitty ransomware group (aka FiveHands/DeathRansom). The group is now utilizing Distributed Denial-of-Service (DDoS) assaults as an extortion tactic.

What’s new?

The FBI warned that the HelloKitty ransomware group, which is thought for encrypting victims’ knowledge and asking for ransom, is now taking down victims’ web sites with DDoS assaults if they don’t conform to pay the ransom.
  • The ransomware group calls for a various quantity of ransom funds for every sufferer, primarily based on their capability to pay.
  • If no ransom is paid, the sufferer knowledge is posted to the Babuk website (payload[.]bin) or offered to a third-party knowledge dealer.
  • The operators make use of a number of methods to breach the targets’ networks. These methods embody compromised credentials and patched safety flaws in SonicWall merchandise (e.g., CVE-2021-20016, CVE-2021-20022, CVE-2021-20021, and CVE-2021-2002).

Extra particulars

  • The FBI shared a group of Indicators of Compromise (IOCs) in its alert to remain shielded from this menace.
  • HelloKitty increased its activity in July and August, simply after it began utilizing the Linux variant in assaults to focus on VMware’s ESXi digital machine platform. 
  • In February, the group had breached and encrypted the techniques of CD Projekt Red.


The alert for HelloKitty ransomware is a severe discover and organizations ought to apply advisable mitigations on the earliest. These mitigations embody backing up important knowledge offline and updating used software program and OS often. Moreover, it’s urged to put in and at all times replace antimalware defenses.

Source link