BleepingComputer reports that more than 40 companies around the world have been compromised by Conti ransomware affiliates in the ARMattack campaign from Nov. 17 to Dec. 20, 2021, making it one of the group's "most productive" hacking campaigns.
U.S.-based companies were most impacted by the ARMattack hacking spree, while attackers spent only three days between obtaining initial access and encrypting systems in their shortest successful attack, a report from Group-IB revealed.
"After gaining access to a company's infrastructure, the threat actors exfiltrate specific documents (most often to determine what organization they are dealing with) and look for files containing passwords (both plaintext and encrypted). Lastly, after acquiring all the necessary privileges and gaining access to all the devices they are interested in, the hackers deploy ransomware to all the devices and run it," said researchers.
The report also noted that Conti had been operating from around noon until 9 p.m., with affiliates continuously tracking Windows updates and new patch changes, as well as identifying zero-day flaws.
Despite the takedown of the Conti brand in May following the disclosure of its source code and chat messages, Conti has remained the second most active ransomware group in the first quarter and has entered collaborations with smaller ransomware groups.