FBI releases flash alert against RagnarLocker ransomware

Avast releases free HermeticRansom ransomware decryptor based on weakness in crypto schema
March 3, 2022
Updated Conti ransomware alert by CISA announce Conti’s involvement in over 1000 attacks
March 9, 2022

FBI releases flash alert against RagnarLocker ransomware

On Monday 7th of March 2022, the United States Federal Bureau of Investigation (FBI) released a joint TLP:WHITE flash alert revealed that RagnarLocker ransomware gang has breached the networks of at least 52 organizations across 10 critical infrastructure sectors. These affected sectors include “entities in the critical manufacturing, energy, financial services, government, and information technology sectors”.

This flash alert was released in coordination with CISA with the goal of providing key cyber threat information to help security professionals and organisations to detect and counter against ransomware attack attempts from RagnarLocker ransomware gang.

The alert also revealed that “RagnarLocker ransomware actors work as part of a ransomware family, frequently changing obfuscation techniques to avoid detection and prevention.” A common trend which has been identified is RagnarLocker operators will iterates through all running services on the target machines and will terminate remote management software commonly used by managed service providers (MSPs) to administer systems and network remotely.

Leave a Reply

Your email address will not be published.