Blog

New Ransomware Strains Have Researchers On Their Toes

Mar 26, 2021 | Blog

Recently, researchers have discovered two new ransomware strains, dubbed “AlumniLocker” and “Humble”, both of which have very different ways of doing what they do.

This highlights the ongoing development and diversification of the larger ransomware threat and underscores the fact that it will be a major cause for concern in the years ahead.

Both new strains were discovered by researchers at Trend Micro. In the case of AlumniLocker, it seems to be a new variant of the Thanos ransomware. Although new to the game, is notable for its exorbitant ransom demands, as high as $450,000, payable in Bitcoin, in one recent successful attack.

AlumniLocker

This one is delivered along fairly conventional means, via a malicious PDF that purports to be an invoice and delivered via phishing emails, hoping to lure unsuspecting victims into opening the file. As is increasingly the case in the world of ransomware attacks, AlumniLockers controllers threaten to publish stolen data if their demands are not met within 48 hours of the attack.

There are two competing theories about the high ransom demands: One is that the group behind the new strain isn’t in it for the money as much as they are the damage that publication of the data may cause. If they get a payout, great. If it proves too high, causing some companies to balk, then they get to inflict pain in the form of publication of sensitive and proprietary data.

Another theory is that the group is just starting out and still finding their footing. As such, they haven’t yet found the “sweet spot.” A payment demand low enough to be readily accepted by a desperate company but high enough to earn them consistent, easy profits.

Humble

This one is quite different. Although it is distributed in much the same way, their ransom demands are quite low; stunningly low in fact, in some cases as little as $10, again, payable in Bitcoin. This has led researchers to conclude that Humble is meant to target end users, rather than large organizations, or, if the hackers shift gears and begin targeting organization, we should expect to see the amount of the ransom increase quite a bit.

Another feature that makes Humble stand out is that they pressure victims into paying by threatening to rewrite their Master Boot Record, rendering the machine entirely unusable. Also of interest, it utilizes Discord (a voice, text and video service) to send reports back to its controllers.

If you have yet to encounter either of these new threats, stay tuned. It’s probably just a matter of time, so stay on your guard.

FBI Program Tasked with Infrastructure Security Compromised

FBI Program Tasked with Infrastructure Security Compromised

The FBI program tasked with ensuring critical infrastructure security has been compromised by hackers, who now offer access to the program's data on the dark web. The breach was initially disclosed by Brian Krebs of Krebs on Security, who claims that the data was for...

Streamline Your Business with the Latest Smart Home Technology

Streamline Your Business with the Latest Smart Home Technology

Are you a business owner looking to get the most out of your Google smart home devices? If so, you're in luck! Google has enabled its Nest products and Android OS with the initial rollout of the Matter smart home standard. This means that businesses now have the...

Data Breach at Sequoia One Exposes Sensitive Customer Information

Data Breach at Sequoia One Exposes Sensitive Customer Information

What do you do when your most personal information has been compromised? This is likely the question that customers of Sequoia One asked themselves earlier this month as they were informed that the company had been hacked. Sequoia One specializes in the management of...

Cisco Reports Critical IP Phone Vulnerability

Cisco Reports Critical IP Phone Vulnerability

As a business owner, it's important to stay informed about potential vulnerabilities that could impact your organization. Recently, Cisco reported a critical vulnerability, tracked as CVE-2022-20968, affecting its IP Phone 7800 and 8800 Series. This new vulnerability...

Google Chrome Releases Two New Features

Google Chrome Releases Two New Features

Google Chrome is one of the more commonly used web browsers. Over the years, though, Chrome has gained a reputation for utilizing a large portion of a computer's memory. This can be a problem if you're running other resource-intensive tasks and don't want to slow...

Get a Free Consultation

 

Fill out the form below to receive a free consultation and learn how we can make your technology worry-free!

 

Contact Information

  • 39301 Badger Street, Suite 500
    Palm Desert, CA 9221
  • (760) 333-8523
  • info@icn.tech