Ransomware is a type of malicious software that infects computer systems and encrypts data, holding it for ransom until a payment is made. While ransomware attacks have been reported for years, new variants have become increasingly sophisticated and more prevalent in recent times. The latest variant, Trigona, was first discovered in October 2022 by MalwareHunterTeam. Attackers use brute-force or dictionary attacks, which rely on easy-to-guess credentials, to bypass logins and introduce the ransomware.
In April 2023, South Korean cybersecurity firm AhnLab issued a warning about a ransomware attack on Microsoft SQL Servers, which were being bombarded with Trigona ransomware payloads meant to encrypt files after stealing data. The same month, OrangeTee & Tie, a real estate firm in Singapore, was fined $37,000 by the Personal Data Protection Commission for failing to protect the data of 25,000 customers and employees from intrusion. ALTDOS, a hacking group from Southeast Asia, was behind the incident and demanded 10 BTC in exchange for the return of the information.
Another group, Blind Eagle, is a Spanish-speaking espionage actor that has been linked to cyber attacks on the private and public sectors in Colombia, Spain, Chile, and Ecuador. The group is financially motivated and is known to use spear-phishing campaigns to deliver commodity malware such as AsyncRAT and BitRAT.
In conclusion, ransomware is a serious threat that is becoming increasingly sophisticated. It is essential for organizations to take proactive measures to protect their data, such as using strong passwords, updating software regularly, and investing in security solutions. Additionally, individuals should be aware of the potential threats and take the necessary steps to protect their data.