Security News > 2022 > December > FBI: Cuba ransomware raked in $60 million from over 100 victims
The FBI and CISA revealed in a new joint security advisory that the Cuba ransomware gang raked in over $60 million in ransoms as of August 2022 after breaching more than 100 victims worldwide.
"Since the release of the December 2021 FBI Flash, the number of U.S. entities compromised by Cuba ransomware has doubled, with ransoms demanded and paid on the increase," the two federal agencies warned today.
Per FBI's estimations, Cuba ransomware threat actors compromised over 100 entities worldwide until August, collecting at least $60 million in ransom payments after demanding over $145 million.
FBI and CISA added that the ransomware gang has expanded its tactics, techniques, and procedures since the start of the year and has been linked to the RomCom Remote Access Trojan and Industrial Spy ransomware.
In today's advisory, the FBI asked those who detect Cuba ransomware activity within their networks to share related information with their local FBI Cyber Squad. Useful information that could help identify the ransomware gang's members and the cybercriminals they work with includes "Boundary logs showing communication to and from foreign IP addresses, a sample ransom note, communications with ransomware actors, Bitcoin wallet information, decryptor files, and/or a benign sample of an encrypted file."
The FBI added that, while it does not encourage ransomware payments because there's no guarantee that paying prevents data leaks or future attacks, victims should report attacks as soon as possible to their local FBI field offices.