FBI warns of Ranzy Locker ransomware threat

The FBI recently issued a warning regarding the Ranzy Locker ransomware gang, which rebranded last year and has previously been known as both Ako and ThunderX.

A TLP: WHITE FLASH alert from the FBI states that the Ranzy Locker gang was responsible this year for successfully compromising at least 30 U.S. companies across multiple industries. While no specific companies were named, the FBI reports that victims of the gang span multiple industries, including construction, manufacturing, academia, information technology, and transportation.

Ranzy Locker uses a combination of brute force to crack RDP credentials as well as Microsoft Exchange exploits to gain access to victims' infrastructure and sensitive information. The gang steals unencrypted documents before encrypting them on the victims' systems, and then threatens to publish this data if victims don't pay up.

Regardless of cybercriminals' efforts to rebrand, or the type of ransomware they use, Acronis Cyber Protect delivers threat-agnostic anti-malware protection that recognizes the malicious behaviors inherent to ransomware — and stops them before they can impact your systems and data.