1.) Big news: the Biden administration is offering a $10m reward to anyone providing valid information on the DarkSide ransomware group, which shut down the fuel supply of Colonial Pipeline until a ransom was paid.
Besides the announced $10m (USD) reward, the State Department has also announced a $5 million reward for those who can lead law enforcement teams to the Russian-speaking criminals, resulting in their arrest and conviction in any country.
For those unaware of the DarkSide ransomware gang’s notorious activities: the cyber crooks run a ransomware-as-a-service program, under which they offer hacking tools to affiliates, who can then launch file-encrypting malware attacks for money.
2.) Another piece of ransomware-related news is the announcement by the BlackMatter ransomware group that it is shutting down its operations because of immense pressure from law enforcement agencies operating in coordination across multiple countries.
Early this week, that is, from November 3rd, 2021, BlackMatter announced that it will shut down its services after 48 hours and will thereafter make a free decryptor available to those affected by its malware.
FYI, the announcement came just days after Europol announced that it had arrested 12 individuals linked to an internationally recognized ransomware-spreading gang, following raids on some business centers based in Switzerland and Ukraine.
3.) Third is the news about a new ransomware variant dubbed “Groove” that was speculated to be attacking only US Government agencies. However, research carried out later showed the conjecture to be a mere hoax designed to divert the attention of the media and security firms towards it.
A known media outlet from the UK published an article on this malware last month, stating that Groove ransomware had been found active from August 2021 on RAMP, a Russian-language darknet forum.
Security researchers from McAfee stated that the malware never really existed in the wild and might be a smart attention-seeking move made by those spreading Babuk or BlackMatter ransomware.
4.) According to a survey conducted by Entrust, involving responses from over 1500 IT professionals, it is essential to provide ransomware-specific training to employees to keep their company networks from being targeted by malware attacks.
Mark Ruchie, the CISO of Entrust, said in an interview that most companies lack the basic cybersecurity posture to defend their infrastructure from such sophisticated attacks. And to their dismay, unpatched systems, legacy operating systems, configuration errors and a lack of endpoint detection solutions are making things worse. Totally agree with what is being said... don’t you?