“In an FBI Flash Alert marked as TLP
“Since January 2019, LockerGoga ransomware has targeted large corporations and organizations in the United States, United Kingdom, France, Norway, and the Netherlands. The MegaCortex ransomware, first identified in May 2019, exhibits Indicators of Compromise (IOCs), command and control (C2) infrastructure, and targeting similar to LockerGoga.” reads the Flash Alert released by the FBI.
Threat actors leverage multiple techniques to compromise network of private organizations and deliver the LockerGoga and MegaCortex ransomware.
Feds remind that both ransomware implements a secure encryption algorithm that means
According to the alert, attackers leverage exploits, phishing attacks, credential stuffing to deliver the malware.
Once attackers have compromised the target network, they will deploy the post-exploitation tool Cobalt Strike.
Experts believe the attackers deploy such kind of tools to
This move is shocking and brings the ransomware attack to a higher level of threat, we can expect that other cybercrime gangs will adopt a similar strategy to blackmail the victims and force them to pay the ransom. In t
The FBI states the attackers attempt to terminate any process associated with security solutions by executing a kill.bat or
The threat actors behind these ransomware attacks also use a variety of LOLBins and legitimate software such
The FBI offers guidance and mitigation advise that business owners should utilize to minimize their risk to the LockerGoga and MegaCortex ransomware.
The FBI recommends organizations to backup