Beware! This Ransomware Self-Spreads At An Alarming Rate! What Can You Do To Keep Your Network Safe?
With the recent surge of online users and interactions due to the coronavirus lockdown keeping everyone at home and forcing workers to bring their jobs indoors, cybercriminals have had a more significant number of targets to focus their attacks on.
A recent virus, the LockBit ransomware, has made its way to the forefront of cyber threats with its speed of infection and severity. LockBit is a recent Ransomware-as-a-Service (RaaS) that was released to the world in September 2019.
A dastardly malicious malware
The creators behind the virus are the ones holding the site up and taking payments from anyone willing to sign up and spread the malware themselves. Developers of LockBit then get a share of 25-40 percent of the ransom payments and a higher share of 60-75 percent for affiliates.
McAfee Labs researchers, along with Northwave, a cybersecurity firm, have joined forces and filed a joint report that shows just how LockBit ransomware affiliates powered through a corporate network and encrypted 25 servers and at least 255 workstations in a matter of three hours.
The hack started with the cybercriminals brute-forcing their way through an administrator account that was equipped with an outdated VPN service. The opportunity gave them access to administrative credentials that they needed to release LockBit into the network entirely.
McAfee analysts said the new ransomware features a substantial rate of infection that can spread to the rest of the computers on the network, all on its own.
Encrypting a target device's files isn't the only threat that LockBit has up its sleeve, it is also capable of performing ARP requests to search for and locate other active hosts on the network and will attempt to spread over to them over Server Message Block (SMB) protocol.
If or when the attack is successful, then the malware will issue a remote PowerShell command to download itself into the device and run itself.
LockBit spreads faster the more devices it infects, due to utilizing each one to attack another to force itself and grow even further. This feature of the virus is what makes it severely threatening compared to most other malware, with its speed and non-reliance on a manual helper.
The virus is expected to continue to grow and expand its reach due to how easy it is to execute that requires little to no skill to deploy.
Some computer security helpful advice
Experts advise users and businesses to keep their networks safe by applying security hygiene that plays a crucial role in preventing cyberattacks from being successful. It is also imperative to know how to lockdown frequent attack vectors like RDP access to make sure your network is safe.
Another thing to look at would be backing up your files and storing them at a separate and secure location or device that is not connected to your main network to reduce the chances of them being accessed at once.
With the recent surge of ransomware, IT teams and C-suites have only recently started to prevent and secure themselves from these kinds of attacks actively. A little bit of planning can also go a long way in preparing yourself to be protected from any malware.
BlackRock: New Android Malware That Targets Data From Over 300 Apps
Be careful with what you're downloading on your Android device since you might become a victim of the malware BlackRock.
The Mac ThiefQuest Ransomware Proves All Computers Can Be Infected
If you think having a Mac computer will keep you safe from malware, you are wrong. The ThiefQuest ransomware is proof that even Macs aren't safe.
The Univeristy of California San Francisco Pays $1.14 Million Ransom To Cybercriminals
It looks like ransomware has taken hold of servers at UCSF. Unfortunately, the ransom had to be paid to save their data. But did they try to restore it themselves? Find out here.
Vulnerable Windows Devices Are Being Taken Advantage Of To Spread The Lucifer Malware
There is new malware circulating that's exploiting vulnerabilities in Windows computers, The infected systems are being used to launch DDoS attacks and also turning them into cryptocurrency miners.
[Caution] New Ransomware Jaff Extorts $3,700! Here's How to Spot it
Imagine having to pay $3,700 for opening a wrong email. Have you heard about the ransomware Jaff?
MORE IN ITECHPOST
Buildots Raises $16 Million as It Brings AI Computer Vision to Construction Management
Buildots uses hardhat-mounted 360° cameras to seamlessly determine the exact status of an ongoing project and provides invaluable insight to contractors.
2 NASA Astronauts Are Home from ISS, Proving SpaceX Can Safely Bring People to and from Space
After a two-month mission, SpaceX brings back home 2 astronauts, proving that it could transport people to and from space safely.
Something is Surely Brewing Within Destiny 2
How are you keeping on? There's a whole lot of content in the game and even though some of it is going away, the great variety won't go anywhere. On top of that, new stuff will be added and the huge add-on announced not that long ago kind of gives you hint about that. If you've played this game long enough, then you know you can't have everything, but what if there was a way? Of course, we're talking about Destiny 2 boosting. But it's not just good for herding some items. Our services can be used for any in-game goal, small or big.