by Fortify Security Team | Apr 22, 2022 | Research
As of March 2022, BlackCat/ALPHV ransomware as a service (RaaS) had compromised at least 60 entities worldwide and is the first ransomware group to do so successfully using RUST, considered to be a more secure programming language that offers improved performance and...
by Fortify Security Team | Apr 22, 2022 | Research
RagnarLocker is identified by the extension “.RGNR_<ID>,” where <ID> is a hash of the computer’s NETBIOS name. The actors, identifying themselves as “RAGNAR_LOCKER,” leave a .txt ransom note, with instructions on how to pay the ransom and decrypt the data....
by Fortify Security Team | Nov 3, 2021 | Research
The FBI first identified Ranzy Locker ransomware in late 2020 when the variant began to target victims in the United States. Unknown cyber criminals using Ranzy Locker ransomware had compromised more than 30 US businesses as of July 2021. The victims include the...
by Fortify Security Team | Oct 23, 2021 | Research
While Conti is considered a ransomware-as-a-service (RaaS) model ransomware variant, there is variation in its structure that differentiates it from a typical affiliate model. It is likely that Conti developers pay the deployer’s of the ransomware a wage rather...
by Fortify Security Team | Oct 18, 2021 | Research
This advisory provides information on cyber actor tactics, techniques, and procedures (TTPs) obtained from a sample of BlackMatter ransomware analyzed in a sandbox environment as well from trusted third-party reporting. Using embedded, previously compromised...
by Fortify Security Team | Sep 28, 2021 | Research
FBI reporting has indicated a recent increase in IcedID malware acting as a “dropper,” infecting victims with additional malware. Examples of ransomware variants dropped by IcedID include Defray777, GlobeImposter, Cuba, Conti, and REvil (aka Sodinokibi). First...
