New wave of ransomware from Russian-led hackers: researchers
Russia-based hackers are stepping up ransomware attacks against major US firms seeking to cripple computer networks if their demands for millions of dollars are not met, security researchers are warning.
The cybersecurity firm Symantec on Thursday said it had identified at least 31 targets in the United States, including eight Fortune 500 companies.
"The attackers behind this threat appear to be skilled and experienced, capable of penetrating some of the most well protected corporations, stealing credentials, and moving with ease across their networks. As such, WastedLocker is a highly dangerous piece of ransomware," said the threat intelligence team of Broadcom-owned Symantec in its alert.
"At least 31 customer organizations have been attacked, meaning the total number of attacks may be much higher. The attackers had breached the networks of targeted organizations and were in the process of laying the groundwork for staging ransomware attacks."
Earlier in the week a similar warning came from the British-based security firm NCC Group, which identified the ransomware strain dubbed WastedLocker as a new threat since May.
The researchers said those behind the attacks include two Russian nationals, Igor Olegovich Turashev and Maksim Viktorovich Yakubets, indicted in the United States in December for their involvement in an entity known as Evil Corp which is accused of hacking US and British banks.
NCC analyst Stefano Antenucci wrote that researchers can show "with high confidence" that the latest ransomware is from Evil Corp, which has been using the so-called Dridex malware since July 2014.
The US indictment alleges the group believed to be linked to Russian intelligence inserted malware on computers in dozens of countries to steal more than $100 million from companies and local authorities.
The indictment was accompanied by sanctions from the US Treasury on the two men, as well as the announcement of a $5 million reward toward Yakubets' arrest and conviction -- the highest reward ever offered for a cybercriminal.