Sophos, a global leader in endpoint and network security, has released alert about a new ransomware that is threatening businesses calledMegaCortex.
According to the Sophos research team, MegaCortex is a relatively little-seen malware that suddenly spiked in volume on May 1. Sophos has seen MegaCortex detections in the US, Canada, Argentina, Italy, the Netherlands, France, Ireland, Hong Kong, Indonesia, and Australia.
The research team also figured out that the adversaries behind MegaCortex use more automated tools to carry out the attack which is able to spread the infection to more victims, more quickly.
As indicated in this SophosLabs Uncut article, there is no explicit value for the ransom demand in the ransom note. The attackers invite victims to email them on either of two free mail.com email addresses and send along a file that the ransomware drops on the victim’s hard drive to request decryption “services.”
Sophos has also made the following protection recommendation to businesses:
- It appears that there’s a strong correlation between the presence of MegaCortex, and a pre-existing, ongoing infection on the victims’ networks with both Emotet and Qbot. If IT managers are seeing alerts about Emotet or Qbot infections, those should take a high priority. Both of those bots can be used to distribute other malware, and it’s possible that’s how the MegaCortex infections got their start.
- Sophos has not seen any indication so far that Remote Desktop Protocol (RDP) has been abused to break into networks, but it is known that holes in enterprise firewalls that allow people to connect to RDP remain relatively common. This practice is strong discouraged and it is suggested that any IT admin who wishes to do this put the RDP machine behind a VPN.
- The adoption of two-factor authentication wherever possible is encouraged.
- Keeping regular backups of your most important and current data on an offline storage device is the best way to avoid having to pay a ransom.
- Use anti-ransomware protection, such as Sophos Intercept X, to block MegaCortex and future ransomware
Commenting on the study, Sophos Senior Security Advisor John Shier, said:
“We suspect this is your script kiddie/living-off-the-land ‘mega bundle’ and a good example of what we’ve lately been calling cybercriminal pen-testing.
“The MegaCortex attackers have taken the blended threat approach and turned it up to 11, by increasing the automated component to target more victims. Once they have your admin credentials, there’s no stopping them. Launching the attack from your own domain controller is a great way for the attackers to inherit all the authority they need to impact everything in an organization. Organizations need to pay attention to basic security controls and perform security assessments, before the criminals do, to prevent attackers like these from slipping through”.
As an Amazon Associate, TechCity may earn a small commission if you shop these products.
MAYBESTA Professional Wireless Lavalier Lapel Microphone for iPhone, iPad - Cordless Omnidirectional Condenser Recording Mic for Interview Video Podcast Vlog YouTube
$25.99 (as of April 24, 2024 07:25 GMT +01:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
Ailun 3 Pack Screen Protector for iPhone 15 Pro Max [6.7 inch] + 3 Pack Camera Lens Protector with Installation Frame,Sensor Protection,Dynamic Island Compatible,Case Friendly Tempered Glass Film
$6.89 (as of April 24, 2024 07:25 GMT +01:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
3-Pack [3.3FT+6.6FT+10FT] 60W USB C to USB C Cable, Type C to Type C Cable,Fast Charging Cable Compatible with iPhone 15/Plus/15 Pro/Pro Max,Samsung Galaxy S23 S22, iPad Pro, MacBook Air and More
$9.83 (as of April 24, 2024 07:25 GMT +01:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
INIU Portable Charger, Slimmest 10000mAh 5V/3A Power Bank, USB C in&Out High-Speed Charging Battery Pack, External Phone Powerbank Compatible with iPhone 15 14 13 12 X Samsung S22 S21 Google iPad etc
$17.99 (as of April 24, 2024 07:25 GMT +01:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
Premier Protein Shake, Chocolate, 30g Protein 1g Sugar 24 Vitamins Minerals Nutrients to Support Immune Health, 11.5 fl oz (Pack of 12)
$26.13 (as of April 24, 2024 07:25 GMT +01:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
Dell 65W USB-C Laptop Charger for XPS and Latitude 5000 - Power Cord Included
$25.68 (as of April 23, 2024 07:25 GMT +01:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
TP-Link AX1800 WiFi 6 Router (Archer AX21) – Dual Band Wireless Internet Router, Gigabit Router, Easy Mesh, Works with Alexa - A Certified for Humans Device
$84.99 (as of April 23, 2024 07:25 GMT +01:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
havit HV-F2056 15.6"-17" Laptop Cooler Cooling Pad - Slim Portable USB Powered (3 Fans), Black/Blue
$22.39 (as of April 23, 2024 07:25 GMT +01:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
Charger for Lenovo Laptop, Thinkpad, Yoga, USB C, 65W 45W (UL Safety Certified)
$15.99 (as of April 23, 2024 07:25 GMT +01:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
