Hacking Tool Used With Lockis Ransomware
AhnLab A-FIRST conducted a forensic analysis of the damaged system infected with Lockis ransomware around November. Lockis ransomware is a variant of GlobeImposter ransomware that the Russian attack group TA505 uses, and it first appeared on September 16th. The number of variants of the GlobeImposter ransomware has constantly been increasing
GlobeImposter Ransomware Being Distributed in Korea
The ASEC analysis team has recently identified through internal monitoring that the GlobeImposter ransomware, which targets vulnerable MS-SQL servers, is being distributed. This GlobeImposter ransomware has also been mentioned in AhnLab TIP’s quarterly statistics, specifically in the ‘2022 1st and 2nd Quarter Statistical Report on Malware Targeting MS-SQL,’ and in
