
Another ransomware strain is now stealing data before encrypting it

December 18, 2019
in Internet Security

The Zeppelin ransomware gang has joined the ranks of ransomware strains that will also collect and steal a victim’s data before encrypting files.

Zeppelin joins Maze, REvil (Sodinokibi), Snatch, and the now-defunct Merry Christmas ransomware in doing so.

The discovery that Zeppelin also steals victim data before the encryption process was made by cyber-security firm Morphisec while investigating and providing incident response services to a Zeppelin victim in the real estate sector.

“In this case, we have a threat actor using similar techniques like in the Wipro incident — targeting servers, stopping all database processes, copying the backup, and then deploying the ransomware, using all this with a legit IT remote tool,” Michael Gorelik, Morphisec CTO, said in an interview yesterday.

Gorelik told ZDNet that his company identified links to a server where crooks were sending the stolen database backups, “a data source that might indicate significant data breaches of some companies.”

The Morphisec CTO said they contacted authorities in regard to the breach and the data exfiltration server.

Morphisec’s in-depth report on this particular intrusion can be found on the company’s blog. The report and its findings are consistent with a Cylance report from last week, which first documented the Zeppelin ransomware, but not the data theft.

This is because the data theft takes place before the execution of the actual ransomware binary that encrypts the data. It is part of a recent trend in the ransomware scene.

The tactic is often referred to as “big game hunting ransomware.” This term refers to ransomware gangs that abandoned targeting home users and are now going after large enterprises.

The gangs breach a company’s infrastructure, move laterally through the network to gain access to as many computers as possible, and then run their ransomware to encrypt data and demand exorbitant ransoms.

There’s a slew of ransomware strains that are being used in “big game hunting” intrusions. However, over the past month, there has been a shift in tactics.

As companies are slowly adopting a solid backup strategy, they have also started ignoring the ransom demands and rebuilding their networks from scratch, rather than paying the ransom.

Adapting to this trend, some ransomware gangs are now stealing data from infected networks.

Evidence of data theft and of the use of data theft malware has been observed so far in infections with the Maze, REvil, and Snatch ransomware, and now Zeppelin.

It is believed that the stolen data is used to put pressure on victim companies to pay, rather than restore from backups.

However, over the past few weeks, another trend has been developing, where some of these ransomware gangs are threatening to leak victims’ data on the public internet if they don’t pay.

This pay-or-we-will-leak-your-data approach is currently being used by the Maze ransomware gang. They recently created a website on the public internet where they list all the victim companies who didn’t pay and have started leaking some of their data.

The operators of the REvil ransomware have also shown an interest in adopting a similar approach, although no case has been publicly documented as of yet.

For now, the Zeppelin gang has only been seen stealing victim data, but not making extortion demands to leak data if they’re not paid. However, as the ransomware scene evolves, this might change in the future as the tactic is adopted by more and more threat actors.

Credit: ZDNet
