1.9 C
New York
Thursday, December 7, 2023

FBI Warns of Rising Development of Twin Ransomware Assaults Concentrating on U.S. Firms

Sep 30, 2023THNRansomware / Cyber Risk


The U.S. Federal Bureau of Investigation (FBI) is warning of a brand new pattern of twin ransomware assaults concentrating on the identical victims, a minimum of since July 2023.

“Throughout these assaults, cyber risk actors deployed two completely different ransomware variants towards sufferer corporations from the next variants: AvosLocker, Diamond, Hive, Karakurt, LockBit, Quantum, and Royal,” the FBI mentioned in an alert. “Variants had been deployed in numerous mixtures.”

Not a lot is thought concerning the scale of such assaults, though it is believed that they occur in shut proximity to 1 one other, starting from wherever between 48 hours to inside 10 days.


One other notable change noticed in ransomware assaults is the elevated use of customized information theft, wiper instruments, and malware to exert stress on victims to pay up.

“This use of twin ransomware variants resulted in a mix of knowledge encryption, exfiltration, and monetary losses from ransom funds,” the company mentioned. “Second ransomware assaults towards an already compromised system might considerably hurt sufferer entities.”

It is value noting that twin ransomware assaults should not a completely novel phenomenon, with situations noticed as early as Could 2021.

Final yr, Sophos revealed that an unnamed automotive provider had been hit by a triple ransomware assault comprising Lockbit, Hive, and BlackCat over a span of two weeks between April and Could 2022.


Then, earlier this month, Symantec detailed a 3AM ransomware assault concentrating on an unnamed sufferer following an unsuccessful try and ship LockBit within the goal community.

The shift in techniques boils all the way down to a number of contributing elements, together with the exploitation of zero-day vulnerabilities and the proliferation of preliminary entry brokers and associates within the ransomware panorama, who can resell entry to sufferer methods and deploy numerous strains in fast succession.

Organizations are suggested to strengthen their defenses by sustaining offline backups, monitoring exterior distant connections and distant desktop protocol (RDP) use, imposing phishing-resistant multi-factor authentication, auditing person accounts, and segmenting networks to stop the unfold of ransomware.

Discovered this text fascinating? Comply with us on Twitter and LinkedIn to learn extra unique content material we publish.

Related Articles


Please enter your comment!
Please enter your name here

Latest Articles