Matrix-Themed Ransomware Variant Spreads

  /     /     /  
Publicated : 23/11/2024   Category : security


Matrix-Themed Ransomware Variant Spreads


MegaCortex uses a compromised domain controller in its attack.



The ransomware note sent by a newly spotted and active ransomware variant called MegaCortex sends a ransom note that reads as if it came from the voice of Lawrence Fishburnes character Morpheus, from
The Matrix.
 The note interestingly doesnt include a ransom fee but, instead, an offer for consultation on how to improve your companies [sic] cyber security and a promise that taking the attackers up on that will guarantee they wont attack again.
MegaCortex last week was spotted by Sophos going after a large number of its enterprise customers across the US, Europe, and Canada — with 47 attack attempts occurring within 48 hours at one point.
Andrew Brandt, principal researcher at Sophos, says the victims reported a compromised domain controller as the originator of the attacks, and the attackers employed stolen admin credentials to run a PowerShell script in the attack via the compromised controller.
While Sophos is still investigating the new ransomware and its infection process, Brandt wrote in a blog post that MegaCortex seems to mainly be found among organizations with existing Emotet and Qbot infections. If you are seeing alerts about Emotet or Qbot infections, those should take a high priority. Both of those bots can be used to distribute other malware, and its possible thats how the MegaCortex infections got their start, he wrote.
Jessica Bair, senior manager of advanced threat solutions at Cisco Systems, says that in some ways MegaCortex is similar to other ransomware variants, with a couple of key exceptions. Its unique in that it uses stolen credentials and the compromised domain controller it uses to run the batch scripts, Bair says.
Read Sophos post 
here

[See Jessica Bair, senior manager of advanced threat solutions at Cisco Systems, present 
Tracking Ransomware: Using Behavior to Find New Threats
, at the Security Pro Summit at Interop on May 21.]
 
 

Last News

▸ DHS-funded SWAMP scans code for bugs. ◂
Discovered: 23/12/2024
Category: security

▸ Debunking Machine Learning in Security. ◂
Discovered: 23/12/2024
Category: security

▸ Researchers create BlackForest to gather, link threat data. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Matrix-Themed Ransomware Variant Spreads