The FBI has issued a warning (MU-000140-MW) about an increase in Ragnar Locker ransomware activity to private industry partners. Industries that have been affected by this ransomware include cloud service providers, communication, construction, travel, and enterprise software. Security professionals and system administrators at companies were provided with indicators of compromise so they could deal with the ransomware as soon as it’s detected. When Ragnar Locker initially begins to infect an organization, it goes through a reconnaissance stage before data is exfiltrated to discover as much resources, backups, and sensitive files it can find. Ragnar Locker is especially dangerous because it pulls up a list of running services and kills any services that are used for remotely managing networks. Like other ransomware from the past year, Ragnar Locker extorts victims by not only encrypting all of their files, but by also threatening to leak the stolen files to the public if the ransom is not paid. For more information, feel free to check out the link below.
The FBI has issued a warning to companies about scammers impersonating construction companies to target critical US infrastructure sectors.
The FTC reports that since October 2020 there has been more than $80 million dollar in losses due to cryptocurrency investment scams.