OldGremlin Ransomware Group Bedevils Russian Orgs
2020-09-23 14:26

A new cybercriminal group called OldGremlin has been targeting Russian companies - including banks, industrial enterprises and medical firms - with ransomware attacks.

The Russian-speaking cybercriminal group targets other Russian organizations, which researchers say is a big no-no within the Russian hacker community.

Researchers first discovered the group in August, when it targeted a large, unnamed medical company with a spear-phishing email purporting to be sent by the media holding company RBC. Instead, the email served as OldGremlin's attack vector for encrypting the company's entire corporate network and demanding a $50,000 ransom.

OldGremlin has also constantly switched up its spear-phishing lures over time to mimic various organizations - from a Russian dental clinic to the Russian microfinance organization Edinstvo.

Of note, OldGremlin appears to be made up of Russian speakers and yet is actively targeting Russian companies - which researchers said is a big transgression among the Russian underground.


News URL

https://threatpost.com/oldgremlin-russian-ransomware/159479/