In a first for the FBI, their Cyber Division has released a FLASH alert to warn about a ransomware affiliate. The cybercriminals in question are the OnePercent group, which has operated since at least November 2020 and has ties to the REvil, Maze, and Egregor extortion gangs.
While no specific victims were identified in this alert, it's safe to assume the FBI considers the group to be a serious threat. OnePercent has shown flexibility in the past, jumping between ransomware affiliate programs and quickly adapting to the many changes in the ransomware industry since they appeared on the scene.
OnePercent uses a variety of tools, including the IcedID banking trojan, Cobalt Strike, PowerShell, and AWS S3 cloud, to access systems for the purpose of stealing and encrypting data.
Even when a ransomware affiliate jumps between platforms, the Active Protection included in Acronis Cyber Protect keeps you safe by detecting and blocking all forms of malware based on the malicious behaviors they exhibit.