February 02, 2023
Vawtrak: A banking trojan with a long history
Vawtrak is a banking trojan — a form of malware that attempts to steal credentials from banks. It spreads via phishing emails and spam emails that contain a malicious document, loaded with a macro. The primary targets of this malware are banks and insurance companies, mainly in Germany.
January 05, 2023
Royal ransomware’s actors make high demands
Royal ransomware was first spotted in January 2022, targeting different corporations. This group does not provide ransomware-as-a-service. The attackers demand figures ranging from $250,000 to over $2 million from their victims.
December 27, 2022
AV-Comparatives: Acronis Cyber Protect certified an Advanced Threat Prevention product for enterprise
Acronis Cyber Protect with the Advanced Security pack successfully passed the rigorous test criteria established by AV-Comparatives for their Advanced Threat Protection test, and was certified as an advanced threat prevention solution recommended for use by any business, including enterprise-level companies.
November 28, 2022
AXLocker ransomware doesn’t change files’ extensions
AXLocker is a ransomware that was found by malware researcher ‘S!ri,’ who posted it on Twitter. Later, it was discovered that AXLocker does not only encrypt files but also steals victims’ Discord credentials and uploads them to its own Discord server. Specifically, the AXLocker ransomware steals tokens stored on a local computer when the user logs in to Discord. It’s not packed or obfuscated.
November 25, 2022
Killnet ransomware — a wiper from the Chaos family
Killnet is a Russian hacker group, previously known for providing DDoS services. At the end of October 2022, the security channel PCrisk discovered the first sample of Killnet ransomware. The group, via a Telegram channel, also announced a ransomware attack on an Italian chemical factory.
October 13, 2022
AV-Comparatives: Acronis Cyber Protect Cloud earns 100% detection rate, zero false-positives
We’re proud to share that Acronis Cyber Protect Cloud with Advanced Security received excellent results in the latest AV-Comparatives Business Security Test, published on October 13, 2022.
October 10, 2022
CommonSpirit Health IT systems disrupted, ransomware suspected
CommonSpirit Health, one of the largest nonprofit hospitals in the US, has seemingly been hit by a cyberattack. The organization faced a disruption of its IT systems that led to some delays in patient care.
September 26, 2022
Hive ransomware gang claims several new major victims
The infamous Hive ransomware gang has been busy lately. Just in the last week, they've claimed responsibility for four new victims.
September 22, 2022
RapperBot: A new threat for IoT devices
On June 22, 2022, CNCERT IoT Threat Research Team and NSFOCUS FuYingLab monitored a new botnet that was attacking IoT devices. Naming the threat ‘RapperBot,’ researchers found more than 5,000 compromised hosts, but no attack commands were spotted. In analyzing samples, cybersecurity analysts found similarities with Mirai Bot, whose source code has been leaked.
September 13, 2022
Hotel giant IHG hit by cyberattack, bookings disrupted
Leading hospitality company InterContinental Hotels Group PLC (also known as IHG Hotels & Resorts) has been impacted by a cyberattack. The hotel group's APIs are down and showing 502 and 503 HTTP errors, while customers are unable to log into their accounts.
September 12, 2022
Instagram phishing campaign dangles "blue badges" as lure
A new Instagram phishing campaign has been discovered, attempting to scam users of the popular social media platform by luring them with the offer of a coveted "blue badge" — official verification of the user's profile. As part of the alleged verification process, users are asked to reveal their password and other sensitive information, all of which is sent directly to the attacker.
September 01, 2022
LockBit gang plans triple-extortion tactics
The LockBit ransomware gang has announced that it is working to take its operation to the triple-extortion level. The gang is now looking to add DDoS as an extortion tactic on top of encrypting data and exfiltrating it (to threaten future leaks).