Security News > 2022 > April > Quantum ransomware seen deployed in rapid network attacks
The Quantum ransomware, a strain first discovered in August 2021, were seen carrying out speedy attacks that escalate quickly, leaving defenders little time to react.
The technical details of a Quantum ransomware attack were analyzed by security researchers at The DFIR Report, who says the attack lasted only 3 hours and 44 minutes from initial infection to the completion of encrypting devices.
The Quantum Locker ransomware is a rebrand of the MountLocker ransomware operation, which launched in September 2020.
The ransom demands for this gang vary depending on the victim, with some attacks demanding $150,000 to receive a decryptor, while others seen by BleepingComputer are multi-million dollar demands, as shown below.
Thankfully, Quantum Locker is not a very active operation like its previous incarnations, with only a handful of attacks each month.
While they may not be as active as other ransomware operations, such as Conti, LockBit, and AVOS, they are still a significant risk and it is important for network defenders to be aware of the TTPs related to their attacks.
News URL
Related news
- City of Columbus: Data of 500,000 stolen in July ransomware attack (source)
- Columbus, Ohio, confirms 500K people affected by Rhysida ransomware attack (source)
- Critical Veeam RCE bug now used in Frag ransomware attacks (source)
- Halliburton reports $35 million loss after ransomware attack (source)
- New Ymir ransomware partners with RustyStealer in attacks (source)
- New Ymir Ransomware Exploits Memory for Stealthy Attacks; Targets Corporate Networks (source)
- New 'Helldown' Ransomware Variant Expands Attacks to VMware and Linux Systems (source)
- Five backup lessons learned from the UnitedHealth ransomware attack (source)
- Mega US healthcare payments network restores system 9 months after ransomware attack (source)
- SafePay ransomware gang claims Microlise attack that disrupted prison van tracking (source)