Breakthrough in Ransomware Business?

Many Ukrainian government websites were down due to a major cyber attack earlier this month.

The destructive malware targeted the websites of Ukraine’s Ministry of Foreign Affairs, Security and Defense Council, Ministry of Education, several government agencies and a related IT company while the country is facing the greatest threat from Russian military invasion and is on the brink of war.

A series of cyberattacks that started with a $10,000 ransom demand in bitcoin, then became unsuitable for the hackers.

Ukrainian authorities are conducting an investigation, although the culprit has yet to be identified. However, the country has suffered from numerous Russian-origin cyberattacks in the past.

“This is about your past, present and future”

The attacks hit Ukrainian state websites with dramatic messages on their header pages saying all their data had been leaked and deleted from computers for political reasons.

“Ukrainian! All your data were uploaded into a pblic network. All data on computer is deleted without a possibility to restore. All information about you became public; be afraid and hope for the worse. This is because of your past, present, and future. Because of Volyn [Ukrainian city - DailyCoin], OUN UPA [Ukrainian Rebel Army - DailyCoin], Galicia, Polissya, and historical lands.” - declared the anonymous hackers.

The statement mentions individual Ukrainians and is written in three languages ​​including Polish and Russian. It also depicts a crossed Ukrainian flag, the coat of arms, the silhouette of the Ukrainian territory and the head of a pig above the inscription.

However, the senior official of Ukraine’s cybersecurity agency, Viktor Zora, disclosure The attacks first began a day before such a message was shared on government organizations’ websites.

According to him, website administrators first faced a ransom demand of $10,000 in bitcoin to access their data. However, administrators have found the computer’s hard drive to be damaged beyond repair after rebooting.

As follows stated In Ukraine’s cybersecurity, several external sources of information were manually destroyed by hackers in a complex and coordinated attack.

The Ukrainian Cyber ​​Police revealed that the perpetrators used three attack vectors, including a supply chain attack, an exploit of the OctoberCMS content management system, and the vulnerability of Log4j, a Java-based logging utility. A day earlier, the affected organizations were subjected to a DDOS attack.

The investigators stated that “the short duration for the attack shows the coordination of the hackers’ actions and their numbers”.

Although the majority of government websites that were hacked were back up and running after a few days, the initiators of the fake bitcoin ransom announcements and data wipe attacks have yet to be identified.

However, the recent attacks on Ukrainian state institutions bear similarities to the acts of cyber war against Ukraine just before Christmas 2015.

Government agencies, treasury, railway system, communication companies and even the country’s national power grid have been affected by malware attacks. The attack on the power grid resulted in power outages for nearly a quarter of a million citizens and was one of the first publicly known successful successful cyberattacks on such an audience.

The acts of cyber warfare in 2015 occurred when Russia intervened militarily in the territory of Ukraine. They are also linked to Sandworm, a Russian cyberwarfare unit under the GRU, the organization in charge of Russian military intelligence.

This malware is designed to look like ransomware but lacks a ransom recovery mechanism. This means the malware is “designed to render targeted devices inoperable rather than ransom,” a blog from Microsoft’s Threat Intelligence Center states.

New dimension of ransomware threat

Cyberattacks on Ukrainian organizations have shocked the cybersecurity community. Although attackers mimic ransom intentions, their real target is data and data destruction, experts say. To speak.

“The malware is designed to look like ransomware but lacks a ransom recovery mechanism. This means that the malware “is designed to render targeted devices inoperable rather than ransom,” Microsoft’s Threat Intelligence Center writes in blog post.

According to cybersecurity experts, the use of such malware could “mark the beginning of a new dimension of the ransomware threat”.

Fewer companies worldwide agree to pay ransom to buy back stolen data. This has led cybercriminals to find new tactics such as destroying data in advance for those who refuse to pay and cooperate.

Ukraine, the second largest country by area in Europe, is on the edge of war with the Russian Federation, which has mobilized a massive 100,000 troops and missiles on the Ukrainian border. The Kremlin considers the sovereign state to be part of Russia and opposes forging ties with the democratic West. NATO member countries are sending weapons to support Ukraine to deal with the military threat from Russia. Military tension in Europe is the greatest since the Second World War.

","author":{"@type":"Person","name":"TTB Henry","url":""," sameAs":[""]},"articleSection":["Tin Tu1ee9c Ethereum"],"image":{"@type":"ImageObject","url":"", "width":1920,"height":0},"publisher":{"@type":"Organization","name":"Tin Tu1ee9c Bitcoin","url":"https://","logo":{"@type":"ImageObject","url":" -30px-height.svg"},"sameAs":["","","","","","",""]}}

Đăng nhận xét

Mới hơn Cũ hơn