Grief ransomware operators announced to have hacked US National Rifle Association (NRA) and threaten to leak the stolen data.
The NRA was added to the list of compromised organizations on the leak site of the group, that gang also published a set of documents as proof of the hack. The analysis of the sample doesn’t allow to determine whether the gang breached the organization or one of its branches.
Researchers link the Grief ransomware to the DoppelPaymer operations that is considered part of the Evil Corp.
Evil Corp has recently launched a new ransomware called Macaw Locker to evade US sanctions that prevent victims from making ransom payments.
The Evil Corp cybercrime group (aka the Dridex gang Indrik Spider, the Dridex gang, and TA505) has been active in cybercrime activities since 2007. The group started its operations by developing and distributing the infamous Dridex banking Trojan, then it switched to ransomware operation by infecting victims’ computer networks with the BitPaymer ransomware.
In 2019, the U.S. Department of Justice (DoJ) has charged Russian citizens Maksim V. (32) and Igor Turashev (38) for distributing the infamous Dridex banking Trojan, and for their involvement in international bank fraud and computer hacking schemes.
The US Government announced sanctions for ransomware negotiation firms that will support victims of the Evil Corp group in the ransom payments.
Due to these sanctions, Evil Corp launched several ransomware operations that employed different strains of ransomware, such as WastedLocker, Hades, Phoenix Locker, and PayloadBin.
Follow me on Twitter: @securityaffairs and Facebook
[adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – hacking, NRA)
[adrotate banner=”5″]
[adrotate banner=”13″]
The FBI has removed Chinese PlugX malware from over 4,200 computers in networks across the…
Russia-linked threat actor UAC-0063 targets Kazakhstan to gather economic and political intelligence in Central Asia.…
Experts warn of a new campaign targeting an alleged zero-day in Fortinet FortiGate firewalls with…
A critical vulnerability in Aviatrix Controller is actively exploited to deploy backdoors and cryptocurrency miners…
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds BeyondTrust PRA and RS and Qlik Sense…
FunkSec, a new ransomware group that attacked more than 80 victims in December 2024, was…
This website uses cookies.