April 19 Cyber News Roundup
Since June 2023, Sophos X-Ops has discovered 19 ‘junk gun’ ransomware variants on the dark web: cheap, independently produced and crudely constructed. The developers of these junk gun variants are attempting to disrupt the traditional affiliate-based ransomware-as-a-service (RaaS) model that has dominated the ransomware racket for nearly a decade. Instead of selling ransomware to affiliates or buying it as an affiliate, attackers are creating and selling unsophisticated ransomware variants for a one-time cost, which other attackers sometimes see as an opportunity to target small and medium-sized businesses (SMBs), and even individuals.
UnitedHealth claims a recent hack on its Change Healthcare business cost it $872m in the first quarter of 2024 – and the toll is expected to rise throughout the year.
According to a new report by Kaspersky, the incident also highlights a concerning trend where attackers craft sophisticated ransomware capable of spreading autonomously within networks.
The malware variant, identified by the security firm, exhibits unprecedented features, including impersonation of system administrators and adaptive self-spreading across networks.
Leveraging highly privileged domain credentials, the ransomware can also turn off security measures, encrypt network shares and erase event logs to conceal its actions. Each infected host becomes a vector for further infection, amplifying the impact within the victim’s network.