Cicada3301 ransomware, written in Rust, was first reported less than two months ago. Despite its recent emergence, Morphisec threat researchers have already identified striking similarities between Cicada3301 and the infamous BlackCat ransomware.
Like its namesake, the Cicada puzzle, which has long been associated with complex, cyber-related problem-solving, the true identity of the Cicada3301 ransomware developers remains shrouded in mystery.
Read more…
Source: Morphisec
Related:
- MGM Resorts Slot machines go down in cyber-attack on firm
September 12, 2023
Customers have reported problems with slot machines and online room booking systems following a cyber-attack on casino and hotel giant MGM Resorts. Certain systems were shut down due to a “cyber-security issue”, the firm said. But it added that its facilities remained “operational”. One customer at the MGM Grand in Las Vegas said she had walked ...
- OriginBotnet Spreads via Malicious Word Document
September 11, 2023
In August, FortiGuard Labs obtained a Word document containing a malicious URL designed to entice victims to download a malware loader. This loader employs a binary padding evasion strategy that adds null bytes to increase the file’s size to 400 MB. The payloads of this loader include OriginBotnet for keylogging and password recovery, RedLine Clipper ...
- Deleting Your Way Into SYSTEM: Why Arbitrary File Deletion Vulnerabilities Matter
September 11, 2023
Windows arbitrary file deletion vulnerabilities should no longer be considered mere annoyances or tools for Denial-of-Service (DoS) attacks. Over the past couple of years, these vulnerabilities have matured into potent threats capable of unearthing a portal to full system compromise. This transformation is exemplified in CVE-2023-27470 (an arbitrary file deletion vulnerability in N-Able’s Take Control Agent ...
- Analyzing Cuba ransomware
September 11, 2023
The group’s offensives first got on Kaspersky researchers radar in late 2020. Back then, the cybercriminals had not yet adopted the moniker “Cuba”; they were known as “Tropical Scorpius”. Cuba mostly targets organizations in the United States, Canada and Europe. The gang has scored a series of resonant attacks on oil companies, financial services, government ...
- Evil Telegram doppelganger attacks Chinese users
September 8, 2023
UPDATE 11.09.2023. Google has informed us that all the apps were deleted from the Google Play store A while ago Kaspersky researchers discovered a bunch of Telegram mods on Google Play with descriptions in traditional Chinese, simplified Chinese and Uighur. The vendor says these are the fastest apps which use a distributed network of data processing ...
- Storm-0558: Understanding How Microsoft Failed to Protect Itself
September 7, 2023
You’re undoubtedly familiar with the so-called Storm-0558 attacks from July 2023. If not a quick recap: these attacks (widely attributed as the work of the Chinese government) compromised a number of high-value Exchange Online mailboxes, including the US Secretary of Commerce and the US Ambassador to China. Given the sensitivity of the mailboxes, it’s likely ...