Russian hackers attack remote US workers with ransomware


New York, Jun 27 (IANS): Russian hackers have unleased a wave of cyber attacks on Americans working from home, targeting remote employees with ransomware attacks.

Global cyber security firm Symantec has uncovered attacks against 31 organizations to date, all of which were located in the US.

The vast majority of targets are major corporations, including many household names. Aside from a number of large private companies, there were 11 listed companies, eight of which are Fortune 500 companies, said in a statement on Friday.

"Attackers were preparing to attack dozens of U.S. corporations, including eight Fortune 500 companies.

"At least 31 customer organizations have been attacked, meaning the total number of attacks may be much higher. The attackers had breached the networks of targeted organizations and were in the process of laying the groundwork for staging ransomware attacks," said the cyber security firm.

‘WastedLocker' is a relatively new breed of targeted ransomware and has been attributed to the notorious ‘Evil Corp' cyber crime outfit from Russia.

Two Russian men who are alleged to be involved in the group have open indictments against them in the US.

The attacks begin with a malicious JavaScript-based framework known as SocGholish, tracked to more than 150 compromised websites, which masquerades as a software update.

Once the attackers gain access to the victim's network, they use ‘Cobalt Strike' commodity malware to steal credentials and move across the network in order to deploy the WastedLocker ransomware on multiple computers.

The attacks were proactively detected on a number of customer networks.

"The attackers behind this threat appear to be skilled and experienced, capable of penetrating some of the most well protected corporations, stealing credentials, and moving with ease across their networks," said Symantec.

WastedLocker is a highly dangerous piece of ransomware. A successful attack could cripple the victim's network, leading to significant disruption to their operations and a costly clean-up operation, it added.

 

  

Top Stories


Leave a Comment

Title: Russian hackers attack remote US workers with ransomware



You have 2000 characters left.

Disclaimer:

Please write your correct name and email address. Kindly do not post any personal, abusive, defamatory, infringing, obscene, indecent, discriminatory or unlawful or similar comments. Daijiworld.com will not be responsible for any defamatory message posted under this article.

Please note that sending false messages to insult, defame, intimidate, mislead or deceive people or to intentionally cause public disorder is punishable under law. It is obligatory on Daijiworld to provide the IP address and other details of senders of such comments, to the authority concerned upon request.

Hence, sending offensive comments using daijiworld will be purely at your own risk, and in no way will Daijiworld.com be held responsible.