1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • This infamous ransomware is back and it's going after the governm

    From TechnologyDaily@1337:1/100 to All on Tue Aug 15 11:30:04 2023
    This infamous ransomware is back and it's going after the government

    Date:
    Tue, 15 Aug 2023 11:17:55 +0000

    Description:
    After a few months on hiatus, Monti is back with an updated encryptor, targeting legal firms and government agencies.

    FULL STORY ======================================================================

    Monti is back with a vengeance. The dreaded ransomware variant that dropped off the radar a couple of months ago has now returned with an upgraded encryptor and more bells and whistles.

    This is according to cybersecurity researchers from Trend Micro, which recently obtained a copy of the new encryption tool. Their conclusion is that it carries significant deviations from its other Linux-based predecessors. This one targets VMware ESXi servers, organizations in the public sector, and legal firms.

    Earlier versions relied almost entirely on Conti, a defunct ransomware encryptor used by a Russian threat actor and terminated once the source code leaked online. In this new version, less than a third of the code bares similarities to Conti. Major changes

    As per a BleepingComputer report, the biggest change is that the new variant is more subtle, and thus more likely to evade detection. Furthermore, it approaches the encryption work differently and leaves a ransom note in every folder it encrypts.

    Monti was first observed in June 2022 by cybersecurity experts from the MalwareHunterTeam. A few months later, a separate cybersecurity firm, Intel 471, suggested that Monti could actually be a rebrand of Conti, as the
    initial network access methods were identical for both. Read more

    The 10 worst ransomware attacks ever


    Ransomware attacks have doubled thanks to AI


    Check out the best firewalls today

    But Monti wasnt as active as its predecessors, which is why researchers didnt pay much attention to it, BleepingComputer added. The only report detailing the variant was published in January 2023 by Fortinet.

    Ransomware is one of the fastest-moving types of cybercrime. Since its surge in popularity, which happened roughly half a decade ago, ransomware has gone through extensive changes.

    These days, many operators refrain from encrypting the data. Instead, they just steal it and demand payment in exchange for not releasing it online. Experts argue this method is more effective as it eliminates the cost of building and maintaining malware strains.

    Also gaining traction is the Ransomware-as-a-Service (RaaS) model, where bad actors develop ransomware tools and rent them out on a subscription basis to other cybercriminals on dark web forums. This means that increasingly, technical knowledge is no longer required to launch devastating attacks,
    which in turn opens the door for more threat actors to appear on the scene. These are the best endpoint protection tools around

    Via: BleepingComputer



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/this-infamous-ransomware-is-back-and-it s-going-after-the-government


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)