Numerous sectors impacted by RedEnergy stealer-as-a-ransomware attacks

Organizations in the oil, gas, energy utilities, machinery, and telecommunications industries across Brazil and the Philippines have been subjected to attacks by the new sophisticated RedEnergy stealer-as-a-ransomware campaign, The Hacker News reports. Attacks by RedEnergy involve a multi-stage approach commencing with a FakeUpdates campaign using legitimate LinkedIn pages to deceive victims into downloading JavaScript-based malware masked as updates for their web browser, according to a Zscaler report. Downloading the executable will then be followed by the deployment of an information stealer with data harvesting and file encryption capabilities. The findings also showed that other modules enabling further ransomware activities are also included in the stealer. Victims of the attack have been demanded to pay nearly $151 worth of Bitcoin to regain access to stolen files. "It is crucial for individuals and organizations to exercise utmost caution when accessing websites, especially those linked from LinkedIn profiles. Vigilance in verifying the authenticity of browser updates and being wary of unexpected file downloads is paramount to protect against such malicious campaigns," said researchers Shatak Jain and Gurkirat Singh.