Security News > 2022 > April > The Week in Ransomware - April 29th 2022 - New operations emerge
This week we have discovered numerous new ransomware operations that have begun operating, with one appearing to be a rebrand of previous operations.
We also learned of a new ransomware gang called Black Basta that has quickly accumulated victims while, for the most part, staying under the radar until this week.
Finally, Austin Peay State University suffered a ransomware attack and used the unusual tactic of blasting the news on Twitter that students and faculty should shut down their computers.
A new Onyx ransomware operation is destroying files larger than 2MB instead of encrypting them, preventing those files from being decrypted even if a ransom is paid.
New Black Basta ransomware springs into action with a dozen breaches.
LockBit Ransomware Side-loads Cobalt Strike Beacon with Legitimate VMware Utility During a recent investigation, our DFIR team discovered an interesting technique used by LockBit Ransomware Group to load a Cobalt Strike Beacon Reflective Loader.