Nefilim, the ransomware that attacks the richest companies

Attacks involving this type of threat are mainly directed at organizations with billings that exceed 1,000 million dollars

Ransomware attacks are among the most damaging threats to organizations in operational, economic and reputational terms. In recent years their strategies have evolved to obtain greater benefits, as is the case with Nefilim, one of the most successful modern ransomware groups, which mainly targets organizations with a turnover of more than $1 billion.

Ransomware is a type of cyber threat that infects a computer or a network, encrypts it and steals the information it contains, and then demands payment, usually in a cryptocurrency, for its release. But modern attacks are selective, adaptive, and stealthy, and use approaches that have already been tested and perfected by advanced persistent threat (APT) groups, as Trend Micro warns.

Thus, modern ransomware actors, such as those behind Nefilim, move laterally like APT actors to find important systems on the victim’s network, which are more likely to contain sensitive data to steal and encrypt.

Data theft

The company highlights the existence of different groups of cybercriminals that are in charge of the different phases of the attacks. “This is the by-product of a recent evolution in cybercriminals’ business operations: hackers are now partnering with ransomware actors to monetize hacking-related breaches,” they explain.

They also turn to legitimate tools like AdFind, Cobalt Strike, Mimikatz, Process Hacker, PsExec, and MegaSync to achieve their end goal while remaining hidden. As Trend Micro points out, this can make it difficult for security operations center (SOC) analysts, who examine event logs from different parts of the environment, to see the big picture and detect attacks.
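The following Python sketch shows one way to recover that big picture: it correlates sightings of the tools named above across hosts, so that individually unremarkable events form a single alert. It is an added example, not code from the article or from Trend Micro; the default image names, the stage mapping, the six-hour window, the three-stage threshold and the sample events are all assumptions constructed for illustration.

```python
from datetime import datetime, timedelta

# Assumed mapping: default image names of the tools named in the article to the
# attack stage each usually supports. Cobalt Strike is left out because it has
# no fixed process name; renamed binaries also evade this simple name match.
TOOL_STAGE = {
    "adfind.exe": "discovery",
    "mimikatz.exe": "credential-access",
    "processhacker.exe": "defense-evasion",
    "psexec.exe": "lateral-movement",
    "psexec64.exe": "lateral-movement",
    "megasync.exe": "exfiltration",
}

# Constructed process-creation events (time, host, image path); not real telemetry.
SAMPLE_EVENTS = [
    ("2021-01-10T09:02:11", "ws-014", r"C:\Users\Public\AdFind.exe"),
    ("2021-01-10T09:40:03", "ws-014", r"C:\Windows\System32\cmd.exe"),
    ("2021-01-10T10:15:47", "srv-dc01", r"C:\Temp\mimikatz.exe"),
    ("2021-01-10T11:05:30", "srv-file02", r"C:\Windows\PsExec64.exe"),
    ("2021-01-10T13:20:00", "srv-file02", r"C:\ProgramData\MEGAsync.exe"),
    ("2021-01-17T08:00:00", "ws-101", r"C:\Tools\PsExec.exe"),  # lone admin use
]

def tool_sightings(events):
    """Yield (time, host, stage) for events whose image name is a listed tool."""
    for ts, host, image in events:
        name = image.replace("/", "\\").rsplit("\\", 1)[-1].lower()
        if name in TOOL_STAGE:
            yield datetime.fromisoformat(ts), host, TOOL_STAGE[name]

def correlate(events, window=timedelta(hours=6), min_stages=3):
    """Alert when >= min_stages distinct stages appear in one window, on any hosts."""
    hits = sorted(tool_sightings(events))
    alerts, i = [], 0
    while i < len(hits):
        group = [h for h in hits[i:] if h[0] - hits[i][0] <= window]
        stages = sorted({s for _, _, s in group})
        if len(stages) >= min_stages:
            alerts.append({"start": hits[i][0].isoformat(), "stages": stages,
                           "hosts": sorted({h for _, h, _ in group})})
            i += len(group)  # skip past the events already reported
        else:
            i += 1
    return alerts

if __name__ == "__main__":
    for alert in correlate(SAMPLE_EVENTS):
        print(alert)
```

The lone PsExec run a week later produces no alert, while the four sightings spread over three hosts on the same day are reported together.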

The study covers a total of 16 groups of modern ‘malware’, analyzed between March 2020 and January 2021, of which Conti, Doppelpaymer, Egregor and REvil led in the number of exposed victims, and Cl0p had the most stolen data hosted ‘online’, with 5 TB.

Nefilim is one of the most lucrative ransomware groups. With its focus on organizations with more than $1 billion in turnover, it has the highest median revenue, and it published about 2 TB of data last year.

K. Tovar

Source: dpa
