Security News > 2022 > April > Quantum ransomware seen deployed in rapid network attacks
The Quantum ransomware, a strain first discovered in August 2021, were seen carrying out speedy attacks that escalate quickly, leaving defenders little time to react.
The technical details of a Quantum ransomware attack were analyzed by security researchers at The DFIR Report, who says the attack lasted only 3 hours and 44 minutes from initial infection to the completion of encrypting devices.
The Quantum Locker ransomware is a rebrand of the MountLocker ransomware operation, which launched in September 2020.
The ransom demands for this gang vary depending on the victim, with some attacks demanding $150,000 to receive a decryptor, while others seen by BleepingComputer are multi-million dollar demands, as shown below.
Thankfully, Quantum Locker is not a very active operation like its previous incarnations, with only a handful of attacks each month.
While they may not be as active as other ransomware operations, such as Conti, LockBit, and AVOS, they are still a significant risk and it is important for network defenders to be aware of the TTPs related to their attacks.
News URL
Related news
- Fidelity customers' financial info feared stolen in suspected ransomware attack (source)
- Fidelity customers' financial info feared stolen in suspected ransomware attack (source)
- Alert: GhostSec and Stormous Launch Joint Ransomware Attacks in Over 15 Countries (source)
- Duvel says it has "more than enough" beer after ransomware attack (source)
- FBI: Critical infrastructure suffers spike in ransomware attacks (source)
- JetBrains TeamCity under attack by ransomware thugs after disclosure mess (source)
- Possible China link to Change Healthcare ransomware attack (source)
- Change Healthcare registers pulse after crippling ransomware attack (source)
- BianLian Threat Actors Exploiting JetBrains TeamCity Flaws in Ransomware Attacks (source)
- JetBrains is still mad at Rapid7 for the ransomware attacks on its customers (source)