Security researchers warn that new ransomware has attacked at least 71 Company’s around the world.
The hackers created a new version of ransomware might have only just begun to get traction, security researchers have warned.
Security researchers from IT security firm Digital Shadows wrote that Egregor ransomware carried out its first attack on September 25 and is filling the space left by Maze ransomware, which ceased operations last month.
In October, Egregor struck Barnes & Noble and video game creators Ubisoft and Crytek. By Barnes & Noble, Egregor hackers introduced two Windows Registry hives – claiming they contained compassionate financial information about the bookseller.
In the assault against video game company Ubisoft, Egregor claimed to have stolen source code for its “Watchdogs: Legion” title, leaking 200MB of information about in-game resources, although there was no confirmation from Ubisoft workers on the situation.
The researchers have stated the new Egregor strain shares similarities with Maze, such as malware signatures, their goal victims being inside the industrial products & services industry, and the practice of leaking company’s sensitive information onto a dark web “News” site.
Egregor has also had a very busy November, with 71 victims crossing across 19 different industry verticals listed up to now.
“The level of sophistication of the attacks, adaptability to infect such a wide assortment of victims, and a significant increase in their activity suggests that Egregor ransomware operators have been growing their malware for a while and are only now putting it to (malicious) usage,” said Lauren Palace, an analyst at Digital Shadows.
Researchers have discovered that the offenders behind Egregor are inclined to release packets of readily traceable information to the victim when requiring a hefty ransom to prevent further leaks. The majority of the victims, based on Digital Shadows, are clustered in the industrial products & services industry (38%), with a great majority of sufferers being US-based companies (83%).
Egregor attacks have increased 240 percent from September 25 (15 events) to October 31 (51 events) and are up a further 43 percent as of November 17, bringing the total number of episodes to 71, according to Place.
Given the sophisticated technical capacities of Egregor hackers to hinder malware analysis and the fact it has already targeting a huge range of associations, Digital Shadows has cautioned that the team will “probably continue in the future, posing more and more of a threat to your business.”