RansomHub Ransomware Group Strikes 210 Victims in Key Industries

Published:

spot_img

Recent Surge in Ransomware Attacks Linked to RansomHub Group and Evolution of Extortion Tactics

The U.S. government has identified a new ransomware group, RansomHub, that has targeted at least 210 victims across various sectors since its emergence in February 2024. Known for its ransomware-as-a-service model, RansomHub has attracted high-profile affiliates from other prominent variants such as LockBit and ALPHV.

According to ZeroFox, RansomHub’s activity has been on an upward trajectory, with the group accounting for approximately 2% of all ransomware attacks in Q1 2024, rising to 14.2% in Q3. The group employs the double extortion model, exfiltrating data and encrypting systems to extort victims.

RansomHub gains initial access to victim environments by exploiting known security vulnerabilities in various devices, followed by affiliates conducting reconnaissance and network scanning using tools like AngryIPScanner and Nmap. The group also disarms antivirus software to evade detection.

One notable aspect of RansomHub attacks is the use of intermittent encryption to speed up the process, with data exfiltration observed through various methods. The rise of RansomHub comes amidst a broader evolution in ransomware attacks, moving towards complex extortion strategies like triple and quadruple extortion schemes.

The lucrative nature of ransomware-as-a-service models has led to a surge in new variants, prompting even Iranian nation-state actors to collaborate with known groups for a share of illicit proceeds. The evolving landscape of ransomware threats underscores the need for robust cybersecurity measures to protect against such attacks.

spot_img

Related articles

Recent articles

Enterprise Events Transform: Key Trends Shaping 2027

Enterprise Events Transform: Key Trends Shaping 2027 As the landscape of enterprise events evolves, the focus is shifting from traditional formats to more interactive, knowledge-driven...

EU Accelerates Review of Social Media Age Limits Following Child Safety Report

EU Accelerates Review of Social Media Age Limits Following Child Safety Report The European Commission is advancing toward the implementation of new measures aimed at...

Spire Solutions Advances Cyber Resilience in MEA with E-7 Cyber’s BlindSpot Platform Partnership

Spire Solutions Advances Cyber Resilience in MEA with E-7 Cyber’s BlindSpot Platform Partnership Spire Solutions has forged a strategic distribution partnership with E-7 Cyber, aimed...

11 Vulnerable Microsoft-Signed UEFI Shims Risk Bypassing Secure Boot

11 Vulnerable Microsoft-Signed UEFI Shims Risk Bypassing Secure Boot Cybersecurity researchers have identified 11 outdated, Microsoft-signed Unified Extensible Firmware Interface (UEFI) applications that pose a...