September 20, 2020
Nefilim ransomware uses Citrix vulnerability to compromise victims’ machines
The Nefilim ransomware group, known to be active since February 2020, adopts the Nemty ransomware code written in the Delphi programming language. It uses a Citrix vulnerability/RDP to access corporate networks. Nefilim started its own data leak site called ‘Corporate Leaks,’ where the operators publish exfiltrated data from compromised organizations if they refuse to pay.
September 16, 2020
SunCrypt adopts attacking techniques from NetWalker and Maze ransomware
The SunCrypt ransomware family was first spotted in October 2019, but it was not very active at that time. The group behind it was independent in the beginning, but they recently joined the so-called Maze cartel – combining forces to rob individuals and companies around the world. This cartel included Maze and LockBit when it first started, but later welcomed Ragnar Locker and now SunCrypt.
September 09, 2020
Acronis Cyber Readiness Report: Pandemic reveals cybersecurity gaps, need for new solutions
The newly released Acronis Cyber Readiness Report reveals that organizations continue to struggle to protect their data and infrastructure against the new challenges of the remote work landscape. It also underscores how new solutions are required: 92% of surveyed companies reported they had to adopt new technologies to enable remote work, including workplace collaboration tools, privacy solutions, and endpoint cybersecurity.
August 21, 2020
NetWalker leverages obfuscated PowerShell to start C# injector
NetWalker ransomware was discovered in the wild in August 2019. It implements a ransomware-as-a-service model, targeting both organizations and individual users. Since March 2020, the operators have managed to extort approximately $25 million.
August 13, 2020
Top cyberthreat against macOS now installs adware with a Python script
The first examples of the Shlayer malware family were discovered in February 2018. Since then, it has become the most popular macOS first-stage trojan-downloader.