North Korea’s Lazarus Group has reportedly designed new ransomware that targets the M1 processors commonly found in Macs, as well as Intel systems. Security researchers from ESET have discovered that the malware was uploaded to VirusTotal in Brazil and was used in a social engineering attack.
ESET claims the Lazarus campaign specifically targeted Macs because most journalists, high-profile dignitaries, and politicians use them to stay connected to the world.
Evidence gathered so far indicates that the attack is being propagated through false job offers and business deals, and most of them are tied to code signing certificates.
Second is news about ransomware named HavanaCrypt, which researchers from Cybereason say is targeting victims by posing as fake Google software updates. Studies have revealed that the newly developed file-encrypting malware uses an open-source password management library for encryption and is capable of remaining anonymous, exfiltrating data, and handing control to remote servers.
The third is something astonishing to read! Acronis, a firm that offers cybersecurity protection for IT infrastructure, has conducted a study and concluded that ransomware attacks will cause $30 billion in damage to governments across the world by 2023, and that the estimate might double by the year 2026.
Interestingly, from 2012 to 2021 the loss is estimated at $60 billion in cryptocurrency, and the past 16 months accounted for a combined loss of $44 billion…might be true!
Fourth is news about the digital transformation firm Orion Innovation, which has been hit by the LockBit ransomware group. The company claims that the gang, which spreads file-encrypting malware, struck its servers on Tuesday and is demanding a ransom running into the millions, to be paid by the first week of September.
The gang also stated in its ransom note that there is no chance of negotiating the demanded sum and that, if the demand is ignored, the stolen data will be released on the dark web.
Fifth is news about a new ransomware variant named BianLian that cyber criminals are swarming to buy and deploy on their targets. BianLian is built on the open-source programming language created by Google and was discovered in the wild by a security firm named Cyble Research Labs.
The firm said the ransomware operators have been active for two months and have so far targeted about 14 firms, mainly in manufacturing, education, and media and entertainment.
Because BianLian divides the encrypted content into chunks of 10 bytes, it easily evaded detection by antivirus products.
Sixth is news about a billing company that provides services to the healthcare sector. A ransomware attack on the servers of Practice and Resources has reportedly led to the compromise of data belonging to over 942,138 patients. The New York-based vendor has notified all affected patients about the data breach and about the steps they should follow to protect their identities from future threats. The now-defunct Conti ransomware gang is suspected to be behind the attack, though this has yet to be officially confirmed.