Security News > 2023 > September > FBI: Dual ransomware attack victims now get hit within 48 hours
The FBI has warned about a new trend in ransomware attacks where multiple strains are deployed on victims' networks to encrypt systems in under two days.
Variants used in these dual ransomware attacks include AvosLocker, Diamond, Hive, Karakurt, LockBit, Quantum, and Royal.
"This use of dual ransomware variants resulted in a combination of data encryption, exfiltration, and financial losses from ransom payments," the FBI said.
In contrast to the past, when ransomware groups typically required a minimum of 10 days to execute such attacks, now the vast majority of ransomware incidents targeting the same victim take place within a mere 48-hour timeframe of each other, according to FBI's data.
The FBI says that starting in early 2022, multiple ransomware gangs have begun adding new code to their custom data theft tools, wipers, and malware to evade detection.
"Because the Hive attack started 2 hours after Lockbit, the Lockbit ransomware was still running - so both groups kept finding files without the extension signifying that they were encrypted," the Sophos team said.
News URL
Related news
- Blue Yonder ransomware attack disrupts grocery store supply chain (source)
- Starbucks, grocery stores impacted by Blue Yonder ransomware attack (source)
- VPN vulnerabilities, weak credentials fuel ransomware attacks (source)
- Bologna FC confirms data breach after RansomHub ransomware attack (source)
- Vodka maker Stoli files for bankruptcy in US after ransomware attack (source)
- Romanian energy supplier Electrica hit by ransomware attack (source)
- Ransomware attack hits leading heart surgery device maker (source)
- US sanctions Chinese firm for hacking firewalls in ransomware attacks (source)
- US sanctions Chinese cybersecurity company for firewall compromise, ransomware attacks (source)
- US Sanctions Chinese Cybersecurity Firm for 2020 Ransomware Attack (source)