The Week In Ransomware – March 19th 2021 – Highest Ransom Ever!

While the beginning of this week was fairly quiet, it definitely ended with a bang as news came out of the largest ransom demand yet.

It was revealed at the end of the week that computer maker Acer suffered a REvil ransomware attack where the threat actors are demanding a massive $50,000,000 ransom.

REvil also made the news this week with the addition of a new -smode argument that causes Windows to reboot into Safe Mode with Networking to perform the encryption. REvil’s ‘Unknown’ also conducted an interview with TheRecord.

Finally, we saw an FBI warning about PYSA and new variants of ransomware families released.

Contributors and those who provided new ransomware information and stories this week include: @malwareforme, @struppigel, @LawrenceAbrams, @Seifreed, @DanielGallagher, @VK_Intel, @fwosar, @malwrhunterteam, @FourOctets, @demonslay335, @BleepinComputer, @serghei, @jorntvdw, @Ionut_Ilascu, @PolarToffee, @Amigo_A_, @GrujaRS, @ddd1ms, @campuscodi, @ValeryMarchive, @3xp0rtblog, @Kangxiaopao, and @fbgwls245.

March 13th 2021

New RunExeMemory ransomware variant

GrujaRS found a new variant of the RunExeMemory ransomware that appends the .z8sj2c extension and drops a ransom note named Read me, if you want to recover your files.txt.

March 16th 2021

FBI warns of escalating Pysa ransomware attacks on education orgs

The Federal Bureau of Investigation (FBI) Cyber Division has warned system administrators and cybersecurity professionals of increased Pysa ransomware activity targeting educational institutions.

An interview with REvil’s Unknown

Unknown talked to Recorded Future expert threat intelligence analyst Dmitry Smilyanets recently about using ransomware as a weapon, staying out of politics, experimenting with new tactics, and much more. The interview was conducted in Russian and translated to English with the help of a professional translator, and has been edited for clarity.

New Liz Dharma ransomware variant

Jakub Kroustek found a new Dharma Ransomware variant that appends the .liz extension.

New Rapid ransomware variant

dnwls0719 found a new Rapid ransomware variant that appends the .lock extension.

New Xorist ransomware variant

xiaopao found a new variant of the SFile ransomware that appends the .sandboxtest extension.

March 17th 2021

Missed opportunity: Bug in LockBit ransomware allowed free decryptions

A member of the cybercriminal community has discovered and disclosed a bug in the LockBit ransomware that could have been used for free decryptions.

New Hakbit ransomware variant

xiaopao found a new variant of the SFile ransomware that appends the .PROM extension.

New SFile ransomware variant

xiaopao found a new variant of the SFile ransomware that appends the .zuadr extension and drops ransom notes named RESTORE_FILES_INFO.hta and RESTORE_FILES_INFO.txt.

March 18th 2021

New PewPew Ransomware variant

Amigo-A found a new PewPew Ransomware variant that calls itself ‘Artemis’ and appends the .optimus extension to encrypted files.

New Stop ransomware variant

dnwls0719 found a new STOP Djvu ransomware variant that appends the .enfp extension and drops a ransom note named _readme.txt.

STOP Ransomware ransom note

March 19th 2021

REvil ransomware has a new ‘Windows Safe Mode’ encryption mode

The REvil ransomware operation has added a new ability to encrypt files in Windows Safe Mode, likely to evade detection by security software and for greater success when encrypting files.

Computer giant Acer hit by $50 million ransomware attack

Electronics giant Acer has been hit by a REvil ransomware attack where the threat actors are demanding the largest known ransom to date, $50,000,000.

Cyberattack: a $50 million ransom demanded from Acer

The operators of the REvil ransomware, also known as Sodinokibi, have added the manufacturer to their list of victims. They are giving Acer nearly 9 more days to negotiate, failing which they will double their demands.

Ransomware statistics for 2020: Year in summary

2020, the year of the pandemic, was another lucrative year for ransomware. As nations around the world scrambled to slow the spread of the virus, cybercriminals attempted to capitalize on the chaos.

New SFile ransomware variant

xiaopao found a new variant of the SFile ransomware that appends the .Technomous-zbtrqyd extension.

That’s it for this week! Hope everyone has a nice weekend!
