- Jun 26, 2021
- Windows 10
- Yandex.Browser 188.8.131.520
The Week in Ransomware - November 11th 2022 - LockBit feeling the heat
- November 11, 2022
- 05:25 PM
This 'Week in Ransomware' covers the last two weeks of ransomware news, with new information on attacks, arrests, data wipers, and reports shared by cybersecurity firms and researchers.
The big news is the arrest of a Russian LockBit member in Canada, who is said to be responsible for making ransom demands between €5 to €70 million.
Over the past few weeks, a threat actor has been trolling victims by distributing the Azov Ransomware and blaming its creation on cybersecurity researchers and journalists.
Unfortunately, this ransomware was later confirmed to be a data wiper that overwrites alternating '666' bytes of data with garbage, making it impossible to recover data.
Other reports have linked the Black Basta ransomware to FIN7 (Carbanak), warned that Venus ransomware is targeting healthcare, linked the Russian Sandworm hackers with Ukrainian ransomware attacks, and detailed how a threat actor is distributing LockBit through the Amdey botnet.
Finally, we learned more about ransomware attacks this week, with a REvil-linked gang claiming responsibility for Medibank, LockBit hitting the Continental automotive giant, and Black Basta behind Sobeys' business disruptions.
Contributors and those who provided new ransomware information and stories this week include @jorntvdw, @DanielGallagher, @Seifreed, @LawrenceAbrams, @struppigel, @malwareforme, @demonslay335, @Ionut_Ilascu, @fwosar, @FourOctets, @VK_Intel, @malwrhunterteam, @serghei, @PolarToffee, @BleepinComputer, @billtoulas, @LabsSentinel, @vinopaljiri, @_CPResearch_, @ahnlab. @jgreigj, @MsftSecIntel, and @pcrisk.