Security Affairs

JANUARY 14, 2022

The group was also carrying out DDoS attacks to paralyze the networks of the victims and force them to pay the ransom. The gang was also providing VPN-like services used by other cybercriminal organizations to carry out malicious activities used to deliver malware to the target organization. Source SSU.

Ransomware 112

Ransomware DDOS Telecommunications Malware 112

SecureList

MAY 10, 2021

Botnet operators use infected devices to carry out DDoS attacks or mine cryptocurrency. In Q1 2021, cybercriminals also found a host of new tools for amplifying DDoS attacks. RDP servers listening on UDP port 3389 were used to amplify DDoS attacks. That said, a VPN is no panacea if it too is vulnerable to amplification attacks.

DDOS 96

DDOS Cryptocurrency Media Marketing 96

SecureList

MAY 12, 2021

To ensure that their ability to restore encrypted files would never be questioned, they cultivated an online presence, wrote press releases and generally made sure their name would be known to all potential victims. The malware sample has an encrypted configuration block with many fields, which allow attackers to fine-tune the payload.

Ransomware 123

Ransomware Encryption Malware Cybercrime 123

Security Affairs

NOVEMBER 25, 2020

Group-IB’s report Hi-Tech Crime Trends 2020/2021 examines various aspects of cybercrime industry operations and predicts changes to the threat landscape for various sectors, namely the financial industry, telecommunications, retail, manufacturing, and the energy sector. Ransomware operators buy access and then encrypt devices on the network.

Banking 130

Banking Ransomware Phishing Marketing 130