RedPacket Security

InfoSec News & Tutorials

News 

US FBI Warned Organisations of the Egregor Ransomware Attacks

admin , ,
Click the icon to Follow me:- twitterTelegramRedditDiscord

 

pexels sora shimazaki 5935791

The US-based FBI (Federal Bureau of Investigation) has warned of the upcoming ransomware attack against the hospitals and private organizations. They initially gave an alert saying that there was a credible ransomware thread that may harm the hospitals and other private organizations. All of it was done in the wake of the increasing cyber-crime rate in the USA. As the situation worsened, they warned the organizations to stay alert with eyes wide open and patches ready. It noteworthy that since the FBI’s warning, one or the other organizations has been becoming a victim of these attacks. 

The world's most advanced processor in the desktop PC gaming segment Can deliver ultra-fast 100+ FPS performance in the world's most popular games 6 cores and 12 processing threads bundled with the quiet AMD wraith stealth cooler max temps 95°C 4 2 G...
AMD Ryzen 5 3600 6-Core, 12-Thread Unlocked Desktop Processor with Wraith Stealth Cooler $199.99
The world's most advanced processor in the desktop PC gaming segment Can deliver ultra-fast 100+ FPS performance in the world's most popular games 6 cores and 12 processing threads bundled with the quiet AMD wraith stealth cooler max temps 95°C 4 2 G... read more
(as of January 20, 2021 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
The world's most advanced processor in the desktop PC gaming segment Can deliver ultra-fast 100+ FPS performance in the world's most popular games 8 cores and 16 processing threads, bundled with the AMD Wraith Prism cooler with color controlled LED s...
AMD Ryzen 7 3700X 8-Core, 16-Thread Unlocked Desktop Processor with Wraith Prism LED Cooler $324.99
The world's most advanced processor in the desktop PC gaming segment Can deliver ultra-fast 100+ FPS performance in the world's most popular games 8 cores and 16 processing threads, bundled with the AMD Wraith Prism cooler with color controlled LED s... read more
(as of January 20, 2021 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
The world's most advanced processor in the desktop PC gaming segment Can deliver ultra-fast 100+ FPS performance in the world's most popular games 12 cores and 24 processing threads, bundled with the AMD Wraith Prism cooler with color controlled LED ...
AMD Ryzen 9 3900X 12-core, 24-thread unlocked desktop processor with Wraith Prism LED Cooler $499.00
The world's most advanced processor in the desktop PC gaming segment Can deliver ultra-fast 100+ FPS performance in the world's most popular games 12 cores and 24 processing threads, bundled with the AMD Wraith Prism cooler with color controlled LED ... read more
(as of January 20, 2021 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
Initially, the organizations witnessed some issues with their IT system, and then they started receiving some phishing emails from various sites. The suddenness of the events made the organizations trust the warning released by the FBI, as the Egregor’s chaos unfolded. 
The Egregor ransomware attack targets the organization worldwide. The threat actors behind the operations hack into the networks of the organizations and steal sensitive data. Once the data is exfiltrated they encrypt all the files and then leave a ransomware note stating that, in case, the organization fails to pay the ransom within the given time, then the stolen data will not only be leaked but will also be distributed to the public by means of mass media. 
The aforesaid Egregor ransomware attack was seen in the threat landscape in September 2020, since then the Egregor gang have claimed to compromise over 150 organizations. They have also claimed to have leaked the data of two of the world’s biggest gaming giants, UBISOFT and CRYTEK. The obtained data of these two companies is posted on the ransomware gang dark web. The incident unfolded the two companies didn’t pay the demanded ransom. Despite warnings by security experts, it’s difficult to actively avoid falling prey to ransomware attacks, owing to the nature and modus-operandi of such threats. Besides UBISOFT and CRYTEK, other companies namely BARNES & NOBELS, CENOSUD, and METRO’s Vancouver’s agency Trans Link was also on the list. 
“The FBI assesses Egregor ransomware is operating as a Ransomware as a Service Model. In this model, multiple different individuals play a part in conducting a single intrusion and ransomware event. Because of the large number of actors involved in deploying Egregor, the tactics, techniques, and procedures (TTPs) used in its deployment can vary widely, creating significant challenges for defense and mitigation.” read the FBI’s alert. “Egregor ransomware utilizes multiple mechanisms to compromise business networks, including targeting business network and employee personal accounts that share access with business networks or devices”.
Such ransomware attacks are performed with the help of Phishing emails that may contain malicious attachments or exploits for the remote desktop protocol (RDP) or VPN’s. It must be noted that following the release of the FBI’s warning to the organizations – the threat actors have seemingly paced up in response to the FBI’s action against them, making the entire picture clearer! 

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

You may be interested in...

  • DoorBox - Weatherproof Package Delivery Box (US & Internationally Patented) Steel Cable, Anti-Theft Alarm, Secure Lock to Receive Multiple Deliveries (Ultra-Premium(Alarm Included), Large Blue)
  • Safety Technology International, Inc. STI-6400 Exit Stopper Multifunction Door Alarm, Helps Prevent Unauthorized Exits or Entries Through Emergency Doors
  • ZOSI 8CH 1080P Security Camera System Outdoor with 1TB Hard Drive,H.265+ 8Channel 1080P CCTV Recorder 8pcs HD 1920TVL Home Surveillance Cameras with 120ft Night Vision Easy Remote Access Motion Alert
  • Swann 8 Channel 4 Camera Security System, Wired Surveillance 1080p HD DVR 1TB HDD, Audio Capture, Weatherproof, Color Night Vision, Heat & Motion Sensing Warning Light, Alexa + Google, SWDVK-845804WL
  • Vosker Security Camera Security Cable Lock with 2 Keys, Flexible Braided Steel, 6 Feet Long, Universal Cam and Protection Box Support

    • Discord

    Original Source

    You May Also Like

    AutoRDPwn 1 AutoRDPwn

    AutoRDPwn v5.1 – The Shadow Attack Framework

    admin
    natlas 1

    Natlas – Scaling Network Scanning

    admin
    osint

    Sextortion campaign uses Goontact spyware to target Android and iOS users

    admin