Threat Assessment: Ignoble Scorpius, Distributors of BlackSuit Ransomware


Unit 42 researchers have observed an increase in BlackSuit ransomware activity beginning in March 2024 that suggests a ramp-up of operations. This threat emerged in May 2023 as a rebrand of Royal ransomware. Unit 42 tracks the group behind this threat as Ignoble Scorpius.

Since the rebrand, Unit 42 has observed at least 93 victims globally, a quarter of which were in the construction and manufacturing industries. The group describes itself as an “extortioner named BlackSuit” and claims to reverse file encryption for “quite a small compensation essentially.” Although the group states the compensation is small, Unit 42 has observed that, on average, the initial ransom demand is about equal to 1.6% of the victim organization’s annual revenue.

Source: Trend Micro

