August 8, 2024 at 02:27AM
Summary:
The BlackSuit ransomware has demanded up to $500 million in ransoms, targeting critical infrastructure sectors and using various infection pathways. Threat actors are using aggressive tactics, including threatening secondary victims and analyzing stolen data. New ransomware families continue to emerge while existing groups evolve their operations.
Key points:
– The BlackSuit ransomware strain has been demanding large ransoms, with individual demands reaching as high as $60 million.
– It has targeted critical infrastructure sectors such as commercial facilities, healthcare, government facilities, and critical manufacturing.
– BlackSuit gains initial access through phishing emails and vulnerability exploitation, and uses legitimate RMM software along with SystemBC and GootLoader malware for persistence.
– The ransomware group uses aggressive tactics, including threatening victims and assessing stolen data for further leverage.
– New ransomware families like Lynx, OceanSpy, Radar, Zilla, and Zola are emerging, while existing groups are evolving their tactics.
– Hunters International, a rebranded ransomware group, is using new C#-based malware called SharpRhino and malvertising campaigns to target victims.