A new cybercrime group known as RA GROUP has emerged and claimed to have stolen almost 2.5 terabytes of data from four victims, including three in the United States, just weeks after it emerged online. Researchers from Cisco Talos revealed that the group has already listed its victims on its leak site, with the targets including a smaller insurance company, two larger financial services firms, and an electronics supplier servicing industries such as computer, communication, aerospace, marine, and military. The group is just the latest to use the Babuk ransomware source code, which a developer leaked in September 2021 on a Russian-language forum.
Babuk ransomware source code has been used numerous times since the leak by other cybercrime outfits, including TORILLIA and ten ransomware families deploying VMware ESXi hypervisor lockers, according to researchers with SentinelLabs. As a result, ransomware campaigns using Babuk code skyrocketed in just a few months, presenting a significant concern for internet security. The emergence of RA GROUP proves that future copycat groups could emerge and conduct online theft.
The RA GROUP website has undergone cosmetic changes since its publication, indicating that the group is still in the early stages of its operation. However, the group has shown some unusual characteristics that differ from other ransomware groups. For instance, it uses custom ransom notes for each victim, informing them that they have three days to pay before a sample is published, and seven days before the full set is published. The names of the victim entities are also hardcoded into the executable files, according to researchers, which is unusual behaviour for ransomware groups.
The rise in Babuk ransomware source code usage by different groups highlights the urgent need for stronger cybersecurity measures to mitigate cyber threats. Companies and organizations should invest in better cybersecurity controls, such as endpoint protection and network segmentation, and educate their employees about the importance of online security. Regular data backups should also be conducted to reduce the impact of ransomware attacks.
Moreover, government regulations should be established to prevent the sale and use of stolen source code such as the Babuk ransomware code. Using the law as an instrument to promote and regulate cybersecurity compliance by companies can also help reduce cybercrime. In the face of the rise in cyber threats, it is crucial for everyone to take online security seriously.