Close Menu
Indo Guard OnlineIndo Guard Online
  • Home
  • Cyber Security
  • Risk Management
  • Travel
  • Security News
  • Tech
  • More
    • Data Privacy
    • Data Protection
    • Global Security
What's Hot

Microsoft extends Windows 10 security updates on one year with new enrollment options

June 25, 2025

The new visa rule in the US requires from applicants to set privacy in social media for the public

June 24, 2025

Hackers focus on over 70 Microsoft Exchange servers to steal credentials via Keyloggers

June 24, 2025
Facebook X (Twitter) Instagram
Facebook X (Twitter) Instagram YouTube
Indo Guard OnlineIndo Guard Online
Subscribe
  • Home
  • Cyber Security
  • Risk Management
  • Travel
  • Security News
  • Tech
  • More
    • Data Privacy
    • Data Protection
    • Global Security
Indo Guard OnlineIndo Guard Online
Home » Scattered Spider uses RansomHub and Qilin for cyber attacks
Global Security

Scattered Spider uses RansomHub and Qilin for cyber attacks

AdminBy AdminJuly 17, 2024No Comments2 Mins Read
RansomHub and Qilin Ransomware
Share
Facebook Twitter LinkedIn Pinterest Email Copy Link


July 17, 2024Information hallCybercrime / Ransomware

RansomHub and Qilin ransomware

The infamous cyber crime group known as Scattered spider ransomware strains such as RansomHub and Do it in its arsenal, Microsoft showed.

Scattered spider designation given to a threat actor known for sophisticated social engineering schemes to compromise targets and create resilience for subsequent exploitation and data theft. It also has a history of targeting VMWare ESXi servers and deploying BlackCat ransomware.

Cyber ​​security

It overlaps with clusters of activity tracked by the wider cyber security community under the aliases 0ktapus, Octo Tempest and UNC3944. Last month it was reported that a key member of the group had been arrested in Spain.

According to an analysis by Broadcom-owned Symantec last month, RansomHub, which appeared in early February of this year, was assessed as a rebranding of another ransomware strain called Knight.

“RansomHub is a Ransomware as a Service (RaaS) used by a growing number of threat actors, including those who have historically used other (sometimes defunct) ransomware (such as BlackCat), making it one of the most common ransomware families. today,” Microsoft said.

The Windows maker said it also observed the deployment of RansomHub as part of post-compromise activities by Manatee Tempest (aka DEV-0243, Evil Corp or Indrik Spider) after initial access gained by Mustard Tempest (aka DEV-0206 or Purple Vallhund) via FakeUpdates (aka Socgholish) infection.

It should be noted here that Mustard Tempest is initial access broker which has in the past used FakeUpdates in attacks that led to behavior reminiscent of the ransomware behavior associated with Evil Corp. These intrusions are also notable in that the FakeUpdates were delivered through an existing Crimson Robin infection.

The development comes amid the emergence of new ransomware families, such as FakePenny (attributed to Moonstone Sleet), The fog (distributed by Storm-0844, who also distributed Akira), and ShadowRootthe latter of which targeted a Turkish business using fake PDF invoices.

“As the ransomware threat continues to grow, expand, and evolve, users and organizations are encouraged to follow security best practices, especially credential hygiene, the principle of least privilege, and zero trust,” Microsoft said.

Did you find this article interesting? Follow us Twitter  and LinkedIn to read more exclusive content we publish.





Source link

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email Copy Link
Admin
  • Website

Related Posts

Microsoft extends Windows 10 security updates on one year with new enrollment options

June 25, 2025

The new visa rule in the US requires from applicants to set privacy in social media for the public

June 24, 2025

Hackers focus on over 70 Microsoft Exchange servers to steal credentials via Keyloggers

June 24, 2025

Researchers find a way to close Cryptominer companies using bad stocks and Xmrogue

June 24, 2025

APT28 uses signal chat to expand malicious Beardhell ​​and Testament software in Ukraine

June 24, 2025

Talk CTEM we all need

June 24, 2025
Add A Comment
Leave A Reply Cancel Reply

Loading poll ...
Coming Soon
Do You Like Our Website
: {{ tsp_total }}

Subscribe to Updates

Get the latest security news from Indoguardonline.com

Latest Posts

Microsoft extends Windows 10 security updates on one year with new enrollment options

June 25, 2025

The new visa rule in the US requires from applicants to set privacy in social media for the public

June 24, 2025

Hackers focus on over 70 Microsoft Exchange servers to steal credentials via Keyloggers

June 24, 2025

Researchers find a way to close Cryptominer companies using bad stocks and Xmrogue

June 24, 2025

APT28 uses signal chat to expand malicious Beardhell ​​and Testament software in Ukraine

June 24, 2025

Talk CTEM we all need

June 24, 2025

Hackers operate incorrectly configured API Docker to hand over cryptocurrency via Tor Network

June 24, 2025

US House forbids WhatsApp on official security and protection devices

June 24, 2025
About Us
About Us

Provide a constantly updating feed of the latest security news and developments specific to Indonesia.

Facebook X (Twitter) Pinterest YouTube WhatsApp
Our Picks

Microsoft extends Windows 10 security updates on one year with new enrollment options

June 25, 2025

The new visa rule in the US requires from applicants to set privacy in social media for the public

June 24, 2025

Hackers focus on over 70 Microsoft Exchange servers to steal credentials via Keyloggers

June 24, 2025
Most Popular

In Indonesia, crippling immigration ransomware breach sparks privacy crisis

July 6, 2024

Why Indonesia’s Data Breach Crisis Calls for Better Security

July 6, 2024

Indonesia’s plan to integrate 27,000 govt apps in one platform welcomed but data security concerns linger

July 6, 2024
© 2025 indoguardonline.com
  • Home
  • About us
  • Contact us
  • Privacy Policy

Type above and press Enter to search. Press Esc to cancel.