FBI Releases Flash Alert on Netwalker Ransomware

The Federal Bureau of Investigation (FBI) released a flash alert warning organizations of the dangers of Netwalker ransomware.

On July 28, the FBI revealed in Flash alert MI-000130-MW that it had received notifications of Netwalker attacks against US and foreign government organizations, as well as healthcare and education companies.

As early as March 2020, there was news of a Netwalker ransomware attack that helped shut down an Illinois health agency website. A few months later, a sheltered service provider in Maryland disclosed a data security incident in which attackers had used the ransomware to encrypt some of its information.

In its warning, the FBI found that Netwalker actors had used COVID-19 phishing emails and unpatched vulnerabilities affecting VPN apps to gain access to an organization. The malicious actors then used their crypto-malware to collect administrator credentials and steal data from their victims. Ultimately, the attackers uploaded this stolen information to a file sharing service.

As soon as they came into possession of a victim's data, the attackers activated the ransomware's encryption routine. This step put all connected Windows-based devices and information at risk of being encrypted before a ransom note was placed on the infected computer.

Screenshot of a Netwalker ransom note. (Source: Bleeping Computer)

The FBI took a moment to urge organizations that had been infected with Netwalker not to pay the attackers. It also highlighted the importance of organizations reporting a successful attack.

As quoted in its bulletin:

Regardless of whether you or your organization has decided to pay the ransom, the FBI urges you to report ransomware incidents to your local branch. This provides investigators with the vital information they need to track down ransomware attackers, hold them accountable under U.S. law, and prevent future attacks.

This FBI warning highlights the need for organizations to defend themselves against ransomware in general. You can do this by following these steps to prevent a crypto-malware infection from occurring in the first place.


