Friday, January 22, 01:24
Home security The OldGremlin team has been targeting Russian companies lately!

The OldGremlin team has been targeting Russian companies lately!

Security company Group-IB says it has spotted a new cybercrime group that has repeatedly and deliberately targeted various Russian companies with malware and ransomware attacks over the past six months. Group-IB says OldGremlin hackers are behind targeted attacks and are using a ransomware strain called TinyCryptor (also known as decr1pt).

OldGremlin

"Only Russian companies have tried to target so far," Oleg Skulkin, senior Group-IB DFIR analyst, told ZDNet this week.

"It's very unusual for Russian-speaking gangs to have this unspecified rule not to target her Russia and the post-Soviet countries ”.

How the attacks unfold

OldGremlin attacks usually start with phear-phishing emails that carry ZIP files with malware, which will usually infect the body with a trojan backdoor called TinyNode. This gives the intruders a starting point network of the company, where hackers spread sideways to others systems and then develop ransomware in the final stages of their attacks.

Once a network is encrypted, the OldGremlin crew typically asks for about $ 50.000 ransom using messages left on the infected systems.

Skulkin says Group-IB spotted OldGremlin in August, but the group's attacks date back to March, with messages Phishing they use to have a variety of lures - for example they pretend to be themselves journalists looking for work.

As Skulkin noted, attacks on Russian entities are rare but have occurred in the past. Usually, groups like Silence and Cobalt started as "small" in Russia before expanding their activities abroad, first to neighboring countries and then to targets worldwide.

"If they are Russian, then it would be unusual, but not unheard of," KELA product manager Raveed Laeb told ZDNet in an interview this week.

"There is also the possibility that they are not Russians but operate outside the CIS countries - for example, Ukrainian nationals may have a dual motive for attacking Russian entities, both economic and ideological," Laeb added.

LEAVE ANSWER

Please enter your comment!
Please enter your name here

Teo Ehc
Teo Ehchttps://www.secnews.gr
Be the limited edition.

LIVE NEWS

Mac: How to see which model you have and when it was released

When you need support for your Mac - or want to install some kind of upgrade - you usually need to know the exact ...
00:02:35

Bill Gates: Will he work with Biden on COVID-19 / climate change?

Microsoft co-founder Bill Gates said on Twitter that he is looking forward to working with the new US President, Joe Biden, and ...

What are the rumors circulating about the iPhone 13?

Apple iPhone 13 will have a redesigned Face ID system that will have a smaller notch at the top of the screen, ...

Biden: How was the political transition in the US captured on social media?

As Joe Biden was sworn in as President of the United States, this important political transition was captured on popular social media. On January 20, ...

CentOS ceases to be supported but RHEL is offered for free

Last month, Red Hat caused a great deal of concern in the Linux world when it announced the discontinuation of CentOS Linux.

Microsoft Office 365 employee passwords leaked online!

A new large-scale phishing campaign targeting global organizations has been found to bypass Microsoft Office 365 Advanced Threat Protection (ATP) and ...

COSMOTE and Microsoft provide new cloud solutions for businesses

COSMOTE and Microsoft expand their cooperation, offering even more advanced and high quality cloud solutions, in large and small ...

Cyber ​​attacks in Eastern Europe are on the rise!

The cyber-attacks that have taken place in many US government agencies and companies in recent months have caused concern in the developing countries of ...

Tesla reduces the prices of the Model 3 in Europe

Tesla has reduced the prices of the Model 3 in many European markets, which reductions could be partly linked ...

iOS, Android, XBox users in the crosshairs of a new malvertising campaign

Recently a new malvertising campaign was discovered that targets users of mobile and other connected devices and uses effective ...