Play ransomware toll mounts amid ongoing evolution

Nearly 900 organizations, including businesses and critical infrastructure, have been compromised by the Play ransomware operation as of last month, representing a threefold increase from October 2023, as the gang continues to refine its attack methods, according to BleepingComputer.

Each succeeding intrusion launched by Play ransomware, also known as Playcrypt, involved recompiled malware that facilitated increased stealth against security systems, as well as intensified data extortion techniques, according to an updated joint advisory from the FBI, the Cybersecurity and Infrastructure Security Agency, and the Australian Cyber Security Centre. Multiple vulnerabilities, including those impacting the SimpleHelp remote access tool, have also been leveraged by Play-linked attackers to compromise U.S. entities since earlier this year. Security teams are advised not only to keep software and firmware up to date but also to adopt universal multi-factor authentication and establish offline data backups and recovery routines. The advisory comes after Play ransomware was reported to have breached semiconductor manufacturer Microchip Technology, doughnut chain Krispy Kreme, major automotive retailer Arnold Clark, and cloud computing firm Rackspace.
