A notorious disk-encrypting ransomware detected as ‘Mamba ransomware that hit organisations last year has made a comeback globally, including in India, media reported.
Cyber security firms like Kaspersky Labs and Trend Micro have confirmed the rise of ‘Mamba’ this year. How many Indian firms were hit is yet to be confirmed.
The ransomware, also known as ‘HDDCryptor’, is notorious for encrypting hard drives instead of just files.
Its return comes after researchers suggested that the ransomware designed for destruction, rather than extorting a Bitcoin ransom for profit, is set to become the new normal.
“Analysis on a sample of 62,000 emails linked to the ‘IKARUSdilapidated’ campaign by Comodo Threat Intelligence Lab revealed a sophisticated adversary utilising 11,625 different IP addresses spread across 133 different countries like Vietnam, India, Mexico, Turkey and Indonesia,” ThreatPost reported on Thursday.
The behaviour of the ransomware is similar to families like ‘Crysis’ and ‘Erebus Linux’ ransomware that leveraged exploits to gain unauthorised administrator-level access to machines.
‘Mamba’ had primarily affected some organisations in Brazil and specifically, San Francisco Municipal Transportation Agency last November.
‘Mamba’ ransomware mostly targets big organisations and governmental bodies.
Post Your Comments