The threat actor group behind a new ransomware called “Egregor” targets businesses to steal sensitive data and then encrypt all the files.
Researchers from Appgate found the ransomware; according to their code analysis, it is a spinoff of the Sekhmet ransomware.
Egregor Ransomware Targets
Attackers follow this approach to hinder manual or sandbox analysis. The group also has an “Egregor news” website, hosted on the deep web, to leak stolen data.
According to the ransom note, “if the ransom is not paid by the business within 3 days, and aside from dripping part of the taken information, they will disperse via mass media where the company's partners and clients will understand that the business was assaulted.”
“Egregor's ransom note also states that aside from decrypting all the files in the event the company pays the ransom, they will likewise offer suggestions for protecting the company's network, “assisting” them to prevent being breached again, functioning as some sort of black hat pentest team.”
Ransomware attacks are quite common nowadays because malicious software spreads through many different channels. The cybercriminals who use it are looking to do one thing: obtain your money.
The ransomware group targets businesses around the world, including the global logistics company GEFCO; according to their advisory, at least 13 different companies were infected.
The threat actors behind the ransomware break into a business network and steal sensitive data; once the data is exfiltrated, they encrypt all the files.
The developers behind the ransomware used numerous code obfuscation techniques to load the payloads, and a payload is decrypted only if the appropriate decryption key is supplied.