Washington: A ransomware group from Cuba has hit “49 entities in 5 critical infrastructure sectors” in the US and made at least $43.9 million in ransom payments.
In a notice, the Federal Bureau of Investigation (FBI) said that the group is targeting enterprises in the financial, government, healthcare, manufacturing and information technology sectors.
“The FBI has identified, as of early November 2021, that Cuba ransomware actors have compromised at least 49 entities in 5 critical infrastructure sectors, including but not limited to the financial, government, healthcare, manufacturing and information technology sectors,” the notice said on Friday.
Cuba ransomware is distributed by Hancitor malware, a loader known for dropping or executing stealers, such as Remote Access Trojans (RATs) and other types of ransomware, onto the victims’ networks.
Hancitor malware actors use phishing emails, Microsoft Exchange vulnerabilities, compromised credentials, or legitimate Remote Desktop Protocol (RDP) tools to gain initial access to a victim’s network.
Cuba ransomware actors have demanded at least $74 million and received at least $43.9 million in ransom payments.
The US has experienced the most reported incidents in the second quarter this year.
Some of the most high-profile ransomware attacks of the year involved ransomware-as-a-service (RaaS), including the attack against Colonial Pipeline in the US by a ‘DarkSide’ affiliate.
Fuelled by cryptocurrencies, ransomware was involved in 79 per cent of the global cybersecurity incidents in the last 18 months of the pandemic, led by Conti and REvil ransomware attacks, another report from global cybersecurity firm Sophos showed last week.