Threat Trend Report on Ransomware – July 2023 Posted By ahnlabti , September 11, 2023 This report provides statistics on the number of new ransomware samples, targeted systems, and targeted businesses in July 2023, as well as notable ransomware issues in Korea and other countries. Key Trends 1) More businesses affected by CLOP ransomware’s exploitation of MOVEit zero-day vulnerability 2) Big Head ransomware disguised as an emergency Windows update 3) Detection names for ransomware disguised as Sophos file ATIP_2023_Jul_Threat Trend Report on Ransomware Statistics and Major Issues
Threat Trend Report on Ransomware – June 2023 Posted By ahnlabti , August 16, 2023 This report provides statistics on new ransomware samples, attacked systems, and targeted businesses in June 2023, as well as notable ransomware issues in Korea and other countries. Other major issues and statistics for ransomware that are not mentioned in the report can be found by searching for the following keywords or via the Statistics menu at AhnLab Threat Intelligence Platform (ATIP). Ransomware Statistics by Type The number of ransomware samples and targeted systems are based on the detection names designated…
Hakuna Matata Ransomware Targeting Korean Companies Posted By Sanseo , August 16, 2023 Recently, AhnLab Security Emergency response Center (ASEC) has identified that the Hakuna Matata ransomware is being used to attack Korean companies. Hakuna Matata is a ransomware that has been developed relatively recently. The first report related to Hakuna Matata was identified on July 6th, 2023 on Twitter. [1] On July 14th, 2023, a post of a threat actor promoting Hakuna Matata on the dark web was shared on Twitter as well. [2] Also, out of the ransomware strains uploaded on VirusTotal,…
V3 Detects and Blocks Magniber Ransomware Injection (Direct Syscall Detection) Posted By AhnLab_en , August 10, 2023 The Magniber ransomware is consistently being distributed at high volumes. It has been distributed through the IE (Internet Explorer) vulnerability for the past few years but stopped exploiting the vulnerability after the support for the browser ended. Recently, the ransomware is distributed with filenames disguised as a Windows security update package (e.g. ERROR.Center.Security.msi) in Edge and Chrome browsers. Magniber at the moment injects the ransomware into a running process, having this process cause damage by encrypting the user’s files. This post…
Threat Trend Report on Ransomware – May 2023 Posted By ahnlabti , July 7, 2023 This report provides statistics on new ransomware samples, attacked systems, and targeted businesses in May 2023, as well as notable ransomware issues in Korea and other countries. Other major issues and statistics for ransomware that are not mentioned in the report can be found by searching for the following keywords or via the Statistics menu at AhnLab Threat Intelligence Platform (ATIP). – Ransomware – Statistics by Type The number of ransomware samples and targeted systems are based on the detection…