Conti vs. LockBit: A Comparative Analysis of Ransomware Groups

Credit to Author: Shingo Matsugaya| Date: Mon, 27 Jun 2022 00:00:00 +0000

We compare the targeting and business models of the Conti and LockBit ransomware groups using data analysis approaches. This will be presented in full at the 34th Annual FIRST Conference on June 27, 2022.

Read more

Cuba Ransomware Group’s New Variant Found Using Optimized Infection Techniques

Credit to Author: Don Ovid Ladores| Date: Wed, 08 Jun 2022 00:00:00 +0000

Trend Micro Research observed the resurgence of the Cuba ransomware group that launched a new malware variant using different infection techniques compared to past iterations. We discuss our initial findings in this report.

Read more

Trend Micro Partners With Interpol and Nigeria’s EFCC for Operation Killer Bee, Takes Down Nigerian BEC Actors

Credit to Author: Paul Pajares| Date: Thu, 02 Jun 2022 00:00:00 +0000

Nigeria’s Economic and Financial Crimes Commission (EFCC) arrested three suspected scammers from Nigeria who were involved in global scamming campaigns via a sting operation that is part of Operation Killer Bee. Trend Micro provided information on the group and their modus operandi.

Read more

AvosLocker Ransomware Variant Abuses Driver File to Disable Antivirus, Scans for Log4shell

Credit to Author: Christoper Ordonez| Date: Mon, 02 May 2022 00:00:00 +0000

We found an AvosLocker ransomware variant using a legitimate antivirus component to disable detection and blocking solutions.

Read more

New Linux-Based Ransomware Cheerscrypt Targeting ESXi Devices Linked to Leaked Babuk Source Code

Credit to Author: Arianne Dela Cruz| Date: Wed, 25 May 2022 00:00:00 +0000

New findings showed that Cheerscrypt, a new Linux-based ransomware variant that compromises ESXi servers, was derived from the leaked Babuk source code. We discuss our analysis in this report.

Read more

Patch Your WSO2: CVE-2022-29464 Exploited to Install Linux-Compatible Cobalt Strike Beacons, Other Malware

Credit to Author: Hitomi Kimura| Date: Tue, 31 May 2022 00:00:00 +0000

Users of WSO2 products are advised to update their respective products and platforms or to apply the temporary mitigation steps immediately.

Read more

New Linux-Based Ransomware ‘Cheerscrypt’ Targets EXSi Devices

Credit to Author: Arianne Dela Cruz| Date: Wed, 25 May 2022 00:00:00 +0000

Trend Micro Research detected “Cheerscrypt”, a new Linux-based ransomware variant that compromises EXSi servers. We discuss our initial findings on in this report.

Read more