Security News > 2023 > September > FBI: Dual ransomware attack victims now get hit within 48 hours
The FBI has warned about a new trend in ransomware attacks where multiple strains are deployed on victims' networks to encrypt systems in under two days.
Variants used in these dual ransomware attacks include AvosLocker, Diamond, Hive, Karakurt, LockBit, Quantum, and Royal.
"This use of dual ransomware variants resulted in a combination of data encryption, exfiltration, and financial losses from ransom payments," the FBI said.
In contrast to the past, when ransomware groups typically required a minimum of 10 days to execute such attacks, now the vast majority of ransomware incidents targeting the same victim take place within a mere 48-hour timeframe of each other, according to FBI's data.
The FBI says that starting in early 2022, multiple ransomware gangs have begun adding new code to their custom data theft tools, wipers, and malware to evade detection.
"Because the Hive attack started 2 hours after Lockbit, the Lockbit ransomware was still running - so both groups kept finding files without the extension signifying that they were encrypted," the Sophos team said.
News URL
Related news
- Jackson County in state of emergency after ransomware attack (source)
- Panera Bread week-long IT outage caused by ransomware attack (source)
- The Week in Ransomware - April 5th 2024 - Virtual Machines under Attack (source)
- How can the energy sector bolster its resilience to ransomware attacks? (source)
- The Drop in Ransomware Attacks in 2024 and What it Means (source)
- Change Healthcare faces second ransomware dilemma weeks after ALPHV attack (source)
- FBI warns of massive wave of road toll SMS phishing attacks (source)
- Daixin ransomware gang claims attack on Omni Hotels (source)
- Change Healthcare’s ransomware attack costs edge toward $1B so far (source)
- FBI: Akira ransomware raked in $42 million from 250+ victims (source)