Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Which is the link between Ryuk ransomware and TrickBot?
#1
Quote:Financially motivated threat actors,referred to as TEMP.MixMaster, are infecting victims with Trickbot malware before deploying the infamous Ryuk ransomware and so far have managed to make off with a reported $3.7 million worth of Bitcoin.

The attacks are also unique as the threat actors often wait for extended periods after gaining access, often profiting from the victims in other ways, before launching ransomware attacks.

FireEye researchers noted the threat actors have been active since at least december 2017 and while it’s unclear exactly who is behind the attacks numerous reports have attributed the campaign to North Korea, according to a Jan. 10 blog post.

“In multiple incidents, rather than relying solely on built-in TrickBot capabilities, TEMP.MixMaster used EMPIRE and RDP connections to enable lateral movement within victim environments,” researchers said in the post.

“Interactive deployment of ransomware, such as this, allows an attacker to perform valuable reconnaissance within the victim network and identify critical systems to maximize their disruption to business operations, ultimately increasing the likelihood an organization will pay the demanded ransom.”

Source: https://www.scmagazine.com/home/security...ansomware/
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
AWZ Screen Recorder
AWZ Screen Recorder ...zevish — 11:05
Website X5 Go 2024.1
Website X5 Go 2024.1...zevish — 09:32
Apple's rules to allow third-party app ...
Apple has announ...alison30 — 09:28
Intel: Microsoft AI PCs need a Copilot K...
Microsoft hopes th...harlan4096 — 08:55
Synchredible 8 Professional Edition v8.2...
          Synchredib...zevish — 08:54

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
No upcoming birthdays.

[-]
Online Staff
There are no staff members currently online.

>