BazarLoader used to deploy Ryuk ransomware on high-value targets

Posted by & filed under Alerts.

The TrickBot gang operators are increasingly targeting high-value targets with the new stealthy BazarLoader trojan before deploying the Ryuk ransomware. For years, the TrickBot gang has been using their trojan to compromise enterprise networks by downloading different software modules used for specific behavior such as stealing passwords, spreading to other machines, or even stealing a domain’s Active Directory…

Ryuk Ransomware Forces Prosegur Security Firm to Shut Down Network

Posted by & filed under Alerts.

In a statement at midday today (local time), Spanish multinational security company Prosegur announced that it was the victim of a cybersecurity incident disrupting its telecommunication platform. The company restricted communications with its customers to avoid malware propagation. According to Derecho de la Red, the malware strain used in the attack is Ryuk, delivered via Emotet….

Ryuk Ransomware Adds IP and Computer Name Blacklisting

Posted by & filed under Alerts.

A new variant of the Ryuk Ransomware has been discovered that adds IP address and computer blacklisting so that matching computers will not be encrypted. This new sample was discovered yesterday by MalwareHunterTeam, who saw that it was signed by a digital certificate. After this sample was examined by security researcher Vitali Kremez, it was discovered that a few changes were…