Ragnar Ransomware Archives - Security Affairs

Pierluigi Paganini September 01, 2022

Ragnar Locker ransomware gang claims to have stolen data from TAP Air Portugal

The Ragnar Locker ransomware gang claims to have hacked the Portuguese state-owned flag carrier airline TAP Air Portugal and stolen customers’ data. The Ragnar Locker ransomware added the Portuguese state-owned flag carrier airline TAP Air Portugal to its leak site and claims to have stolen customers’ data. On August 26, the Portugues company announced via […]

Pierluigi Paganini March 04, 2021

Group-IB: ransomware empire prospers in pandemic-hit world. Attacks grow by 150%

Group-IB published a report titled “Ransomware Uncovered 2020-2021”. analyzes ransomware landscape in 2020 and TTPs of major threat actors. Group-IB, a global threat hunting and adversary-centric cyber intelligence company, has presented its new report “Ransomware Uncovered 2020-2021”. The research dives deep into the global ransomware outbreak in 2020 and analyzes major players’ TTPs (tactics, techniques, and procedures). By […]

Pierluigi Paganini November 11, 2020

Ragnar Locker ransomware gang advertises Campari hack on Facebook

Ragnar Locker Ransomware operators have started to run Facebook advertisements to force their victims into paying the ransom. In November 2019, ransomware operators have started adopting a new double-extortion strategy first used by the Maze gang that sees threat actors also stealing unencrypted files before encrypting infected systems. Then the attackers threaten to release the stolen […]

Pierluigi Paganini November 06, 2020

Prominent Italian firms under attack, Campari is the last one

Campari Group, the Italian beverage giant has been hit by a ransomware attack that forced the company to shut down a large part of its IT network. Campari Group, the Italian beverage giant has been hit by a ransomware attack that forced the company to shut down a large part of its IT network. The […]

Pierluigi Paganini September 29, 2020

Maritime transport and logistics giant CMA CGM hit with ransomware

The French maritime transport and logistics giant CMA CGM S.A. revealed it was the victim of a malware attack that affecting some servers on its network. CMA CGM S.A., a French maritime transport and logistics giant, revealed that a malware attack affected some servers on its network. The company is present in over 160 countries through 755 […]

Pierluigi Paganini May 25, 2020

Ragnar Ransomware encrypts files from virtual machines to evade detection

Ransomware encrypts from virtual machines to evade antivirus Ragnar Locker deploys Windows XP virtual machines to encrypt victim’s files, the trick allows to evaded detection from security software. Crooks always devise new techniques to evade detection, the Ragnar Locker is deploying Windows XP virtual machines to encrypt victim’s files while bypassing security measures. The Ragnar […]