The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) are releasing this joint advisory to disseminate known Ghost (Cring)— (“Ghost”)—ransomware IOCs and TTPs identified through FBI investigation as recently as January 2025. Beginning early 2021, Ghost actors began attacking victims whose internet facing services ran outdated versions of software and firmware.
This indiscriminate targeting of networks containing vulnerabilities has led to the compromise of organizations across more than 70 countries, including organizations in China. Ghost actors, located in China, conduct these widespread attacks for financial gain. Affected victims include critical infrastructure, schools and universities, healthcare, government networks, religious institutions, technology and manufacturing companies, and numerous small- and medium-sized businesses.
Read more…
Source: U.S. Federal Bureau of Investigation Cyber Division
Related:
- WikiLeaks reveals CIA files describing hacking tools
March 6, 2017
WikiLeaks published thousands of documents Tuesday described as secret files about CIA hacking tools the government employs to break into users’ computers, mobile phones and even smart TVs from companies like Apple, Google, Microsoft and Samsung. The documents describe clandestine methods for bypassing or defeating encryption, antivirus tools and other protective security features intended to keep ...
- Boeing Notifies 36,000 Employees Following Breach
February 27, 2017
A Boeing employee inadvertently leaked the personal information of 36,000 of his co-workers late last year when he emailed a company spreadsheet to his non-Boeing spouse. News of the breach surfaced earlier this month after a letter (.PDF) from Boeing’s Deputy Chief Privacy Officer Marie Olson, to the Attorney General for the state of Washington Bob ...
- NSA snoops told: Get your checkbooks and pens ready for a cyber-weapon shopping spree
February 25, 2017
NSA and US Cyber Command boss Mike Rogers has revealed the future direction of his two agencies – and for the private sector, this masterplan can be summarized in one word. Kerching! Speaking at the West 2017 Navy conference on Friday, Rogers said he is mulling buying up more infosec tools from corporations to attack and infiltrate ...
- Got Effective Cybersecurity Practices? Be Aware: The FTC Is Watching You
February 20, 2017
Following a July ruling against medical testing laboratory LabMD (which is now out of business), the Federal Trade Commission has emerged as a central regulator of cybersecurity practices for U.S. businesses. The FTC’s mandate to act on “unfair or deceptive” business practices that could harm consumers is being interpreted in a way that means any ...
- States vie for Israeli cyber security investment as CyberGym heads downunder
February 20, 2017
State governments are jostling to win a major cyber security investment from the multibillion-dollar Israeli government-owned electricity company, as the business implications of Prime Minister Benjamin Netanyahu’s first Australian visit begin to take shape. Ofer Bloch, chief executive of the Israel Electric Corporation (IEC), was in Australia with the Prime Minister’s accompanying delegation of business leaders ...
- Study reveals cybersecurity readiness gaps in US oil and gas industry
February 16, 2017
A survey of US oil and gas cybersecurity risk managers indicates that the deployment of cybersecurity measures in the industry isn’t keeping pace with the growth of digitalization in oil and gas operations. In a study from the Ponemon Institute – The State of Cybersecurity in the Oil & Gas Industry: United States – just ...