Threat Management

Feds: DDoS attacks added to HelloKitty ransomware’s extortion arsenal

The HelloKitty ransomware group has begun launching distributed denial-of-service attacks against companies it attacked that chose not to pay the demanded ransom or respond quickly to the gang, BleepingComputer reports. "Hello Kitty/FiveHands actors demand varying ransom payments in Bitcoin (BTC) that appear tailored to each victim, commensurate with their assessed ability to pay it. If no ransom is paid, the threat actors will post victim data to the Babuk site payload.bin) or sell it to a third-party data broker," said the FBI in a flash alert issued in coordination with the Cybersecurity and Infrastructure Security Agency. The FBI also noted that several approaches, including addressed SonicWall product vulnerabilities and compromised credentials, are being leveraged by HelloKitty ransomware operators to infiltrate the networks of targets. Since emerging last November, HelloKitty has breached and encrypted CD Projekt Red systems in February, as well as deployed a Linux variant aimed at VMware's ESXi virtual machine platform.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.