More Spiders, Babuk Locker, and More Big Game Hunting
Editor’s Note: This series highlights current threats our cybersecurity experts regularly guard against for NetCentrics’ government and commercial clients.
There isn’t a shortage of spiders in the world. Like the last cybersecurity threat report, several spiders recently announced their arrival, including SOLAR SPIDER and CIRCUS SPIDER. Also on the rise is BGH (“Big Game Hunting”) ransomware. Let’s dive into these.
Solar Spider and Circus Spider
CIRCUS SPIDER, meanwhile, is keeping the U.S. Department of Justice (DOJ) busy. The DOJ seized a ransomware affiliate using CIRCUS SPIDER’s dedicated leak site (DLS) and charged Sebastian Vachon-Desjardins with four different crimes. The ransom take totaled an estimated $27.6 million, according to Bleeping Computer. “This operation does not mean it’s the end of the Netwalker operation but it’s definitely a step closer,” writes Ionut Ilascu. Let’s hope so, but we’ll see.
Babuk Locker and Big Game Hunting
According to Security Intelligence, Babuk Locker has earned the “dubious title of first new enterprise ransomware strain of 2021.” CrowdStrike reports that Babuk Locker successfully infected a UK-based professional services company. This company held multiple government contracts, including some associated with the UK National Health Service (NHS) Test and Trace programme used to contain the spread of COVID-19. Victims were redirected and instructed to use a personal chat portal. Once there, they were pressured to pay ransom. This ransomware group has loudly stated intentions to become a BGH actor.
Ransomware attackers continue to refine their approaches. Here are two recent examples. One Phobos ransomware operator was observed deploying ransomware from an adversary-controlled machine, possibly a first. The other was an Android backdoor used by VELVET CHOLLIMA. The group used this backdoor to infect an open-source messenger app and cryptocurrency monitor app called CapMarket.
With this and other recent activity, remember: threat actors are willing and able to do damage. Stay alert and keep your patches updated. Here are the FBI’s recommendations to protect yourself from ransomware.
Photo: Juan Pablo Mascanfroni