The REvil ransomware group has come to prominence recently by infecting networks around the world with ransomware and demanding large sums of money from their victims. The group commonly posts proof of their successful ransomware efforts on their blog, called Happy Blog, where one of their most recent victims, Acer, has appeared on the list. Acer has yet to confirm the …
Garmin Suffers Massive WastedLocker Ransomware Attack
Last Thursday, the GPS and smartwatch firm Garmin suffered what was allegedly a massive, system-wide ransomware attack, forcing them to take down all of their services ranging from their apps to their support call centers. While Garmin has been tight-lipped as to the cause of the outage, multiple publications have reported that the company was targeted by WastedLocker, a …
Why Ransomware is Paying Off for Attackers
Ransomware attacks have steadily escalated over the last year and a half. Newer attacks have focused on specific targets, demanded higher ransoms, and grown more advanced, targeted and difficult to spot. In early 2020, a new ransomware attack named Maze stole data from infected machines before locking them, giving the ransomware authors an additional revenue stream. …
MedusaLocker Ransomware Will Bypass Most Antivirus Software
Last week we came across ransomware with unique evasion techniques in a new variant, or possibly a copycat, of the MedusaLocker ransomware. MedusaLocker ransomware, first seen in September 2019, came with a batch file to evade detection. Batch files contain script commands running in a Command Prompt on Windows machines and have the .bat extension. In the malicious …
Mailto Ransomware Takes a Toll on Shipping Company
On February 3, Toll Group, an Australian transportation and logistics company, shut down its IT systems as a result of a “cyber security incident.” The organization reported shortly thereafter that multiple sites and business units had been targeted with ransomware attacks. The Mailto or Kazkavkovkiz ransomware affecting Toll Group is very similar to the many variants of …