Ghost Ransomware Continues To Infect Critical Infrastructure, Feds Warn (theregister.com) 6
Mirnotoriety shares a report from The Register: The operators of Ghost ransomware continue to claim victims and score payments, but keeping the crooks at bay is possible by patching known vulnerabilities and some basic infosec actions, according to a joint advisory issued Wednesday by the FBI and US Cybersecurity and Infrastructure Security Agency. The Feds warned orgs to beware of this spectral menace, which is known to have infected critical infrastructure and entities in every sector of a typical economy, and which has been observed scoring ransoms as recently as January. It is said to have racked up victims in more than 70 countries, including some in its China homeland.
Ghost first appeared in 2021, and according to the Feds, the gang will "rotate their ransomware executable payloads, switch file extensions for encrypted files, modify ransom note text, and use numerous ransom email addresses, which has led to variable attribution of this group over time." The Chinese group has therefore been identified as Ghost, Cring, Crypt3r, Phantom, Strike, Hello, Wickrme, HsHarada, and Rapture over time. The group's favored tactics, however, remain consistent: It targets unpatched systems to exploit known vulnerabilities that allow it to infect targets. [...]
Ghost first appeared in 2021, and according to the Feds, the gang will "rotate their ransomware executable payloads, switch file extensions for encrypted files, modify ransom note text, and use numerous ransom email addresses, which has led to variable attribution of this group over time." The Chinese group has therefore been identified as Ghost, Cring, Crypt3r, Phantom, Strike, Hello, Wickrme, HsHarada, and Rapture over time. The group's favored tactics, however, remain consistent: It targets unpatched systems to exploit known vulnerabilities that allow it to infect targets. [...]
No need to worry (Score:2)
Once CISA goes away we won't have to hear about these annoying intrusions ever again. https://www.wired.com/story/do... [wired.com]
Re: (Score:2)
So, 19yr old "Big Balls" is the guy fired from his previous job at a cybersecurity company for leaking company secrets. Now he's on CISA's staff? Everything is fine, people. Nothing to see here.
Here... This fixes it. (Score:2)
This is going to get worse (Score:2)
Computer malware is getting better and better and computer users are getting dumber and dumber.
Companies better start setting aside large amounts of money for ransom fees.
Re: (Score:2)
Computer malware is getting better and better and computer users are getting dumber and dumber.
How true. Once upon a time, you had to be pretty smart just to get yourself up and running on the internet. We had our kooks, for certain. But they were smart kooks.
The demands were for easier access. Then along came Eternal September. Hard to pin an exact moment, but Eternal September gave us a glimpse of the future. So as we made it easier and easier to get on the intertoobz, we had a corresponding increase in stupid people. Today, you just buy your smartphone, tablet, or desktop, and you're good to go