Beware! This Ransomware Self-Spreads At An Alarming Rate! What Can You Do To Keep Your Network Safe?
With the recent surge of online users and interactions due to the coronavirus lockdown keeping everyone at home and forcing workers to bring their jobs indoors, cybercriminals have had a more significant number of targets to focus their attacks on.
A recent virus, the LockBit ransomware, has made its way to the forefront of cyber threats with its speed of infection and severity. LockBit is a recent Ransomware-as-a-Service (RaaS) that was released to the world in September 2019.
A dastardly malicious malware
The creators behind the virus are the ones holding the site up and taking payments from anyone willing to sign up and spread the malware themselves. Developers of LockBit then get a share of 25-40 percent of the ransom payments and a higher share of 60-75 percent for affiliates.
McAfee Labs researchers, along with Northwave, a cybersecurity firm, have joined forces and filed a joint report that shows just how LockBit ransomware affiliates powered through a corporate network and encrypted 25 servers and at least 255 workstations in a matter of three hours.
The hack started with the cybercriminals brute-forcing their way through an administrator account that was equipped with an outdated VPN service. The opportunity gave them access to administrative credentials that they needed to release LockBit into the network entirely.
McAfee analysts said the new ransomware features a substantial rate of infection that can spread to the rest of the computers on the network, all on its own.
Encrypting a target device's files isn't the only threat that LockBit has up its sleeve, it is also capable of performing ARP requests to search for and locate other active hosts on the network and will attempt to spread over to them over Server Message Block (SMB) protocol.
If or when the attack is successful, then the malware will issue a remote PowerShell command to download itself into the device and run itself.
LockBit spreads faster the more devices it infects, due to utilizing each one to attack another to force itself and grow even further. This feature of the virus is what makes it severely threatening compared to most other malware, with its speed and non-reliance on a manual helper.
The virus is expected to continue to grow and expand its reach due to how easy it is to execute that requires little to no skill to deploy.
Some computer security helpful advice
Experts advise users and businesses to keep their networks safe by applying security hygiene that plays a crucial role in preventing cyberattacks from being successful. It is also imperative to know how to lockdown frequent attack vectors like RDP access to make sure your network is safe.
Another thing to look at would be backing up your files and storing them at a separate and secure location or device that is not connected to your main network to reduce the chances of them being accessed at once.
With the recent surge of ransomware, IT teams and C-suites have only recently started to prevent and secure themselves from these kinds of attacks actively. A little bit of planning can also go a long way in preparing yourself to be protected from any malware.
The Mac ThiefQuest Ransomware Proves All Computers Can Be Infected
If you think having a Mac computer will keep you safe from malware, you are wrong. The ThiefQuest ransomware is proof that even Macs aren't safe.
The Univeristy of California San Francisco Pays $1.14 Million Ransom To Cybercriminals
It looks like ransomware has taken hold of servers at UCSF. Unfortunately, the ransom had to be paid to save their data. But did they try to restore it themselves? Find out here.
Vulnerable Windows Devices Are Being Taken Advantage Of To Spread The Lucifer Malware
There is new malware circulating that's exploiting vulnerabilities in Windows computers, The infected systems are being used to launch DDoS attacks and also turning them into cryptocurrency miners.
[Caution] New Ransomware Jaff Extorts $3,700! Here's How to Spot it
Imagine having to pay $3,700 for opening a wrong email. Have you heard about the ransomware Jaff?
Beware Of This Fake Ransomware Decryptor. It Makes Things Even Worse!
There is a fake ransomware decryptor known as Zorab you can find online, so stay away from it. It's a program that turns your situation into a worse one.
MORE IN ITECHPOST
Elon Musk’s Brain Microchip Neuralink Will Allegedly Cure Depression and Addiction
Elon Musk founded Neuralink in 2016, but what is the purpose of this brain-implanted computer chip? Musk has revealed additional details that you may find interesting.
Spotted in Deep Space: Never Before Seen Four Mystery Objects
A few mysterious objects that haven't been seen until now have recently been spotted in deep space thanks to massive radio telescopes.
A Leaker May Have Confirmed The Release Date Of 'Resident Evil Village'
A leaker who has been reliable in the past regarding Resident Evil may have revealed the release date of Resident Evil Village.