On June 5, 2022, MalwareHunterTeam detected a new ransomware operation called 'RedAlert' or 'N13V' that encrypts Windows and Linux VMware ESXi servers in cyberattacks against corporate entities. According to reports, the Linux encryptor is built to attack VMware ESXi servers and accepts command-line parameters that shut down any running virtual machines before files are encrypted. The '-w' command-line parameter shuts down all running VMware ESXi virtual machines, and the '-x' command-line parameter performs 'asymmetric cryptography performance testing' using various NTRUEncrypt parameter sets, which provide different levels of security.

The ransomware encrypts files related to VMware ESXi virtual machines, such as log files, swap files, virtual disks, and memory files, using the '.crypt658' extension. The ransomware group also creates, for each folder, a custom ransom note labeled 'HOW TO RESTORE' with a description of the stolen data, and provides a link to the TOR ransom payment site for the victim.

RedAlert/N13V accepts payment only in the Monero cryptocurrency, a privacy coin that is not commonly used on USA cryptocurrency exchanges. Like other ransomware groups, RedAlert uses double-extortion attacks: data is stolen first, then the ransomware is deployed, and the victim faces one demand for payment to obtain decryptors and another to prevent the leak of the stolen data. Currently, the RedAlert data leak site lists only one victim, which indicates the ransomware operation is very new.
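For triage, the two on-disk indicators described above (the '.crypt658' extension and the per-folder 'HOW TO RESTORE' note) can be swept for across a datastore. The following Python sketch is an added example, not code from the report or from any vendor tool; it assumes the extension appears at the end of the file name and that the note may carry an extension, and the sample folder and file names are constructed.

```python
import os
import tempfile
from pathlib import Path

ENCRYPTED_SUFFIX = ".crypt658"   # extension named in the report
NOTE_STEM = "HOW TO RESTORE"     # ransom note label named in the report


def scan_tree(root):
    """Map each affected directory to its encrypted files and note presence."""
    findings = {}
    for dirpath, _dirs, files in os.walk(root):
        encrypted = sorted(f for f in files if f.lower().endswith(ENCRYPTED_SUFFIX))
        # Assumption: the note may or may not carry an extension, so compare the stem.
        note = any(Path(f).stem.upper() == NOTE_STEM for f in files)
        if encrypted or note:
            findings[os.path.relpath(dirpath, root)] = {"encrypted": encrypted, "note": note}
    return findings


def classify(entry):
    """Label a directory so responders can sort the findings."""
    if entry["encrypted"] and entry["note"]:
        return "encrypted, note present"
    if entry["encrypted"]:
        return "encrypted, no note"
    return "note only"


def build_sample(root):
    """Create a constructed datastore layout; all names are invented for the demo."""
    layout = {
        "vm-a": ["vm-a.vmdk.crypt658", "vmware.log.crypt658", "HOW TO RESTORE"],
        "vm-b": ["vm-b.vswp.crypt658"],
        "vm-c": ["vm-c.vmdk", "vmware.log"],  # untouched VM, must not be reported
    }
    for folder, names in layout.items():
        (Path(root) / folder).mkdir(parents=True)
        for name in names:
            (Path(root) / folder / name).write_bytes(b"")
    return root


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for folder, entry in sorted(scan_tree(build_sample(tmp)).items()):
            print(f"{folder}: {classify(entry)} ({len(entry['encrypted'])} files)")
```

Pointing `scan_tree` at a mounted datastore path instead of the sample tree gives a per-VM-folder list of what was touched, which helps scope restores from backup.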