Content |
History
2023: Cyberattacks in Russia
In March 2023, BI.Zone, a cybersecurity company, reported attacks by the Key Wolf hacker group on Russian users. According to information security experts, attackers distribute a file with a ransomware virus that encrypts all data on the computer. Moreover, victims do not have the opportunity to decrypt data, even for a ransom.
According to BI.Zone, cyber incidents use two types of files that attackers send to victims, presumably via email. The files are called "Inform registered.exe" and "Inform registered.hta." In the first case, it is a self-extracting archive that contains two files: gUBmQx.exe and LICENSE. In the second case, the gUBmQx.exe file is downloaded unnoticed by the user from the Zippyshare file exchanger in the background.
The ransomware encrypts data on hard drives, puts an illustration with the grouping logo on the desktop and displays a message in English. It talks about the purpose of the attack - to destroy Russian computers. Fraudsters offer to help them in this, and this requires transferring money to their bitcoin wallet.
 | The activity of ransomware has not subsided over the past few years, and we see the emergence of more and more modifications of such malware. In most cases, ransomware attacks private companies, but does not bypass ordinary users. Usually such attackers are financially motivated, but recently we have increasingly recorded the use of ransomware in order to disable computer systems beyond repair, and the Key Wolf attack is just one of these examples, "said Oleg Skulkin, head of cyber intelligence at BI.Zone.[1] |  |
Notes
| The site content is translated by machine translation software powered by PROMT. The machine-translated articles are not always perfect and may contain errors in vocabulary, syntax or grammar. Read original article If you find inaccuracies or errors in the results of machine translation, please write to editor@tadviser.ru. We will make every effort to correct them as soon as possible. |