Unit 42 researchers have observed an increase in BlackSuit ransomware activity beginning in March 2024 that suggests a ramp up of operations. This threat emerged as a rebrand of Royal ransomware, which occurred in May 2023. Unit 42 tracks the group behind this threat as Ignoble Scorpius.
Since the rebrand, Unit 42 has observed at least 93 victims globally, a quarter of which were in the construction and manufacturing industries. The group describes themselves as an “extortioner named BlackSuit” and claims to reverse file encryption for “quite a small compensation essentially.” Although the group states the compensation is small, Unit 42 has observed that, on average, the initial ransom demand is about equal to 1.6% of the victim organization’s annual revenue.
Read more…
Source: Trend Micro
Related:
- Education, Health Sectors Facing Challenges as Nigeria Records 586,130 Cyber Threats in 6 Months
September 14, 2024
Between January and June 2024, a staggering 586,130 cyber threats were launched against Nigeria, especially the financial institutions and telecoms companies, with other sectors also facing specific challenges. According to the report, various industries face unique cybersecurity challenges. The education sector grappled with maintaining security amidst digital transformation. The healthcare industry struggled to balance handling sensitive ...
- I stole 20 GB of data from Capgemini – and now I’m leaking it, says cybercrook
September 13, 2024
A miscreant claims to have broken into Capgemini and leaked a large amount of sensitive data stolen from the technology services giant – including source code, credentials, and T-Mobile’s virtual machine logs. The French multinational IT and consulting firm did not immediately respond to The Register’s request for comment, and has yet to formally confirm or ...
- Chinese-made cargo equipment enables cyber, espionage risks in US ports
September 12, 2024
A year-long probe led by GOP members of two House panels found that numerous seaports around the U.S. contain technology originating from Chinese manufacturers that could enable espionage and sabotage. The study conducted by lawmakers and staff on the House Homeland Security Committee and Select Committee on the Chinese Communist Party said that it was an ...
- Scammers advertise fake AppleCare+ service via GitHub repos
September 12, 2024
Malwarebytes Labs researchers uncovered a malicious campaign going after Mac users looking for support or extended warranty from Apple via the AppleCare+ support plans. The perpetrators are buying Google ads to lure in their victims and redirect them to bogus pages hosted on GitHub, the developer and code repository platform owned by Microsoft. The goal of ...
- BT spots 2,000 potential attacks on its network a second
September 12, 2024
Britain’s BT said it was spotting 2,000 signals of potential cyber-attacks across its network every second, as criminals were increasingly using disposable “bots” to try to evade existing blocking and security measures. The telecoms group said on Thursday that digital surveillance activity by hackers using malicious scanning “bots” was 1,200% higher in July compared to the ...
- Business Email Compromise: The $55 Billion Scam
September 11, 2024
Business Email Compromise/Email Account Compromise (BEC) is a sophisticated scam that targets both businesses and individuals who perform legitimate transfer-of-funds requests. The scam is frequently carried out when an individual compromises legitimate business or personal email accounts through social engineering (PSA I-041124-PSA) or computer intrusion to conduct unauthorized transfers of funds. Often times BEC variations involve ...