January 12, 2022  —  Eric Swotinsky

Night Sky ransomware emerges as a new threat

A new ransomware operator by the name of Night Sky was first observed in action at the tail end of 2021. The group has already successfully struck at least two victims in Japan and Bangladesh, and has published data stolen in these attacks.

Night Sky ransomware encrypts all files except those with an .exe or .dll extension and appends .NightSky to the file name. The group uses double-extortion techniques, not merely encrypting files and holding them hostage but also stealing sensitive data off victims' systems and threatening to publish it if the ransom is not paid. A ransom of $800,000 was demanded from one victim; the value of the other ransom is unknown at this time.

Even against new ransomware threats like Night Sky, the Active Protection in Acronis Cyber Protect effectively detects and blocks malware based their malicious behaviors, keeping your sensitive data safe from harm.