More than two-dozen US organizations — several of them Fortune 500 companies — were attacked in recent days by a known threat group looking to deploy a dangerous new strain of ransomware called WastedLocker.
Had the attacks succeeded, they could have resulted in millions of dollars in damages to the organizations and potentially had a major impact on supply chains in the US, Symantec said in a report Thursday.
According to the security vendor, at least 31 of its customers were targeted, suggesting the actual scope of the attacks is much higher. Eleven of the companies are publicly listed, and eight are in the Fortune 500.
Among those affected were five organizations in the manufacturing sector, four IT companies, and three media and telecommunications firms. Organizations in multiple other sectors — including energy, transportation, financial services, and healthcare — were also affected. In each instance, the attackers managed to breach the networks of the targeted organizations and were preparing to deploy the ransomware when they were detected and stopped.
"The attackers behind this threat appear to be skilled and experienced, capable of penetrating some of the most well protected corporations, stealing credentials, and moving with ease across their networks," Symantec warned. "As such, WastedLocker is a highly dangerous piece of ransomware."
Symantec described the attacks as being carried out by Evil Corp., a Russian cybercrime group that has been previously associated with the Dridex banking Trojan and the BitPayment ransomware family. Last December, US authorities indicted two members associated with the group — Maksim Yakubets and Igor Turas ..
Support the originator by clicking the read the rest link below.
