nephilim – Bitfinance https://bitfinance.news Fintech & new economy info Tue, 22 Jun 2021 14:34:32 +0000 en-US hourly 1 https://wordpress.org/?v=7.0 https://bitfinance.news/wp-content/uploads/2025/01/favicon-64.png nephilim – Bitfinance https://bitfinance.news 32 32 Nefilim, the ransomware that attacks the richest companies https://bitfinance.news/en/nefilim-the-ransomware-that-attacks-the-richest-companies/ Tue, 22 Jun 2021 15:23:36 +0000 https://bitfinance.news/?p=64645 Los ataques cibernéticos hacia donde apunta este tipo de amenaza va principalmente dirigidos a organizaciones con facturaciones que superan los 1.000 millones de dólares

Ransomware attacks are one of the most damaging threats to organizations, both in operational, economic and reputational terms. In recent years their strategies have evolved to obtain greater benefits, as is the case with Nefilim, one of the most successful modern companies, mainly by targeting organizations with a turnover of more than $ 1 billion. […]

La entrada Nefilim, the ransomware that attacks the richest companies apareció primero en Bitfinance.

]]> Los ataques cibernéticos hacia donde apunta este tipo de amenaza va principalmente dirigidos a organizaciones con facturaciones que superan los 1.000 millones de dólares

Ransomware attacks are one of the most damaging threats to organizations, both in operational, economic and reputational terms. In recent years their strategies have evolved to obtain greater benefits, as is the case with Nefilim, one of the most successful modern companies, mainly by targeting organizations with a turnover of more than $ 1 billion.

Ransomware is a type of cyber threat that infects a computer or a network to encrypt it and steal the information it contains, and for its release requires payment in exchange, usually in a cryptocurrency. But modern attacks are selective, adaptive, and stealth, and use approaches that have already been tested and perfected by advanced persistent threat groups (APTs), as Trend Micro warns.

Thus, modern ransomware actors, such as those behind Nephilim, perform lateral movements like APT actors to try to find important systems on the victim’s network, which are more likely to contain sensitive data to steal and encrypt.

Data theft

The company highlights the existence of different groups of cybercriminals that are in charge of the different phases of the attacks. “This is the by-product of a recent evolution in cybercriminals’ business operations: hackers are now partnering with ransomware actors to monetize hacking-related breaches,” they explain.

They also turn to legitimate tools like AdFind, Cobalt Strike, Mimikatz, Process Hacker, PsExec, and MegaSync to achieve their end goal while remaining hidden. As pointed out from Trend Micro, this can make it difficult for security operations center (SOC) analysts, who examine event logs from different parts of the environment, to get an overview of the big picture and detect attacks.

The study deals in total with 16 groups of modern ‘malware’, analyzed between March 2020 and January 2021, of which Conti, Doppelpaymer, Egregor and REvil led the number of exposed victims, and Cl0p had the most data stolen hosted ‘online’, with 5 TB.

Nefilim is one of the most lucrative ransomware groups. With its focus on organizations with more than $ 1 billion in turnover, it has the highest median revenue and it published about 2 TB of data last year.

K. Tovar

Source: dpa

La entrada Nefilim, the ransomware that attacks the richest companies apareció primero en Bitfinance.

]]>