Ransomware, Vulnerability Management, Email security
Novel Royal ransomware operation ramps up attacks
More corporations are being targeted by the Royal ransomware operation, which was launched in January but has significantly ramped up malicious activity this month, imposing demands of $250,000 to more than $2 million for its targets, BleepingComputer reports.
Royal ransomware commences its attacks with callback phishing messages spoofing food delivery and software providers luring victims to contact included phone numbers to cancel their supposed subscriptions, according to AdvIntel CEO Vitali Kremez.
Social engineering tactics will then be leveraged by the operation to lure victims into installing remote access software used for initial network access. Meanwhile, an organization impacted by Royal ransomware noted that its network was compromised following the exploitation of a custom web app vulnerability. A
fter launching Cobalt Strike for persistence, Royal worked to exfiltrate credentials and data, laterally spread across the Windows domain, and encrypt devices. Victims of Royal have been demanded ransoms between $250,000 and over $2 million but there has been no evidence of successful payments so far.
An In-Depth Guide to Ransomware
Get essential knowledge and practical strategies to protect your organization from ransomware attacks.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds