The Australian Cyber Security Centre (ACSC) is aware of a ransomware variant called Royal, which is being used by cybercriminals to conduct ransomware attacks against multiple sectors and organisations worldwide, including Australia. Once gaining access to a victim’s environment, cybercriminals use this ransomware for similar purposes to other variants such as encrypting their data and extorting a ransom to return access to the sensitive files.
Context: Royal is a ransomware variant first observed in September 2022, used by cybercriminals to conduct ransomware attacks against multiple sectors and organisations worldwide, including Australia. Once gaining access to a victim’s environment, cybercriminals use this ransomware for similar purposes to other variants such as encrypting their data, and extorting a ransom to return access to the sensitive files. This product provides information related to Royal’s background, threat activity, and mitigation advice.
Read more…
Source: Australian Cyber Security Centre