Threat actors are exploiting poorly secured Microsoft SQL servers to deliver Cobalt Strike ransomware and a ransomware strain called FreeWorld.
The ransomware payload of choice appears to be a newer variant of Mimic ransomware called Freeworld.
The attack initially succeeded as a result of a brute force attack against a MS SQL server, the researchers said.
Key Group ransomware uses a base64 encoded static key N0dQM0I1JCM= to encrypt victims’ data, Dutch cybersecurity company EclecticIQ said in a report released Thursday.
The fluctuations in monetization rates have been accompanied by ransomware threat actors continuing to evolve their extortion tradecraft, including sharing details of their attack techniques, to show why the victims aren’t eligible for a cyber insurance payout, the report says.
๐ Feeling the vibes?
Keep the good energy going by checking out my Amazon affiliate link for some cool finds! ๐๏ธ
If not, consider contributing to my caffeine supply at Buy Me a Coffee โ๏ธ.
Your clicks = cosmic support for more awesome content! ๐๐
Leave a Reply