1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Eldorado ransomware campaign found targeting Windows and Linux sy

    From TechnologyDaily@1337:1/100 to All on Tue Jul 9 12:00:06 2024
    Eldorado ransomware campaign found targeting Windows and Linux systems alike

    Date:
    Tue, 09 Jul 2024 11:48:11 +0000

    Description:
    Eldorado is not a rebrand of older variants, experts claim.

    FULL STORY ======================================================================

    There is a brand new player in the ransomware -as-a-service (RaaS) scene, and its called Eldorado.

    Cybersecurity researchers Group-IB have been tracking the group for some time now, and have even obtained a version of the encryptor for analysis.

    As per the researchers, Eldorado is not a rebrand of a previous threat actor, and probably has entirely new people running it. Most likely, it started its operation in March this year, as that is roughly the time the researchers saw the group advertise its services on the dark web and first called for skilled affiliates to join the program. Customization options

    The encryptor was built for Windows and Linux devices, and is also capable of targeting VMware ESXi hypervisors. Since March, it was able to claim 16 victims, mostly in real estate, education, healthcare, and manufacturing.

    The developers say Eldorado does not rely on previously published builder sources, and claim to have built the encryptor to offer some level of customization. On Linux, affiliates can choose which directories to encrypt, while on Windows, they can choose directories, skip local files, target network shares on specific subnets, and prevent the malware from self-destructing.

    Otherwise, its default setting is to self-delete and prevent security teams from running a post-mortem.

    The group also said it had a data leak site, but according to
    BleepingComputer , it is currently offline.

    Although relatively new and not a rebrand of well-known ransomware groups, Eldorado has quickly demonstrated its capability within a short period of
    time to inflict significant damage to its victims data, reputation, and business continuity, Group-IBs researchers wrote in their analysis.

    As with most other cyberattacks, a ransomware attack usually relies on a person clicking a malicious link, or running a malicious file locally, so the best protection against ransomware is to educate your employees on the
    dangers of phishing and social engineering attacks. More from TechRadar Pro Huawei ramps up R&D spending in mobile push Here's a list of the best firewalls around today These are the best endpoint security tools right now



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/eldorado-ransomware-campaign-found-targ eting-windows-and-linux-systems-alike


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)