Decoding the Puzzle: Cicada3301 Ransomware Threat Analysis


Cicada3301 ransomware, written in Rust, was first reported less than two months ago. Despite its recent emergence, Morphisec threat researchers have already identified striking similarities between Cicada3301 and the infamous BlackCat ransomware.

Like its namesake, the Cicada puzzle, which has long been associated with complex, cyber-related problem-solving, the true identity of the Cicada3301 ransomware developers remains shrouded in mystery.

Read more…
Source: Morphisec


Sign up for our Newsletter


Related:

  • Apple fixes iPhone and iPad bug used in an ‘extremely sophisticated attack’

    February 10, 2025

    On Monday, Apple released updates for its mobile operating systems for iOS and iPadOS, which fixed a flaw that the company said “may have been exploited in an extremely sophisticated attack against specific targeted individuals.” In the release notes for iOS 18.3.1 and iPadOS 18.3.1, the company said the vulnerability allowed the disabling of USB Restricted ...

  • Scammers target Italian tycoons using defense minister’s AI-generated voice

    February 10, 2025

    Scammers target Italian tycoons using defense minister’s AI-generated voice on OpenAI Voice Engine Scammers used AI-generated voice of Italian Defense Minister Guido Crosetto in an atempts to steal millions of dollars from Italian business tycoons, according to reports. Crosetto said last Thursday on X that someone was using his name and his artificially generated voice to ...

  • Thai-Swiss-US Operation Nets Hackers Behind 1,000+ Cyber Attacks

    February 10, 2025

    Thai police arrested four European hackers in Phuket who allegedly stole $16 million through ransomware attacks affecting over 1,000 victims worldwide. The suspects, wanted by Swiss and US authorities, were caught in coordinated raids across four locations. Officers from Cyber Crime Investigation Bureau, led by Police Lieutenant General Trairong Phiwphan, conducted “Operation PHOBOS AETOR” in Phuket ...

  • 20 million OpenAI accounts offered for sale

    February 7, 2025

    A cybercriminal acting under the moniker “emirking” offered 20 million OpenAI user login credentials this week, sharing what appeared to be samples of the stolen data itself. A translation of the Russian statement by the poster says: “When I realized that OpenAI might have to verify accounts in bulk, I understood that my password wouldn’t stay ...

  • Engineer IMI becomes latest British firm to be hit by cyber attack

    February 6, 2025

    Engineering group IMI confirmed it had been hit by a cyber attack just a week after rival Smiths Group said hackers had gained access to its global systems. Birmingham-headquartered IMI declined to disclose what data had been accessed in the attack, but systems in a number of its locations globally are understood to have been hit. IMI ...

  • Router maker Zyxel tells customers to replace vulnerable hardware exploited by hackers

    February 5, 2025

    Taiwanese hardware maker Zyxel says it has no plans to release a patch for two actively exploited vulnerabilities affecting potentially thousands of customers. Threat intelligence startup GreyNoise warned late last month that a critical-rated zero-day vulnerability impacting Zyxel routers was being actively exploited. GreyNoise said the flaws allow attackers to execute arbitrary commands on affected devices, ...