![]() ![]() ![]() government agencies as exploiting vulnerable PaperCut servers in attacks against the education sector in the country.īlacktail may have repurposed existing malware for efficiency reasons, but it does utilize a custom data exfiltration utility written in Go that’s designed to steal files with specific extensions in the form of a ZIP archive prior to encryption. ![]() One notable cybercrime group that’s already using the LockBit ransomware builder is the Bl00dy Ransomware Gang, which was recently spotlighted by U.S. The latest findings from Symantec show that Blacktail’s modus operandi might be changing, what with the actor leveraging modified versions of the leaked LockBit 3.0 and Babuk ransomware source code to target Windows and Linux, respectively.īoth Babuk and LockBit have had their ransomware source code published online in September 2021 and September 2022, spawning multiple imitators. The operators have since been observed swiftly exploiting other severe bugs impacting IBM’s Aspera Faspex file exchange application ( CVE-2022-47986) and PaperCut ( CVE-2023-27350) to drop the ransomware. ![]() Later that same month, Bitdefender revealed the use of a Windows variant that was deployed against Zoho ManageEngine products that were vulnerable to critical remote code execution flaws ( CVE-2022-47966). Buhti was first highlighted by Palo Alto Networks Unit 42 in February 2023, describing it as a Golang ransomware targeting the Linux platform. The cybersecurity firm is tracking the cybercrime group under the name Blacktail. “While the group doesn’t develop its own ransomware, it does utilize what appears to be one custom-developed tool, an information stealer designed to search for and archive specified file types,” Symantec said in a report shared with The Hacker News. The threat actors behind the nascent Buhti ransomware have eschewed their custom payload in favor of leaked LockBit and Babuk ransomware families to strike Windows and Linux systems. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |