Surge in Social Engineering: Enterprises Hit by Ransomware Blitz
May 15, 2024Cybersecurity researchers have identified an active social engineering campaign that began in late April 2024, targeting enterprises through spam emails and phone calls.
The campaign's objective is to bypass email security and coerce users into installing software that allows for remote access and additional malware downloads for credential theft and sustained access.
Attackers are using Cobalt Strike beacons and remote access trojans to infiltrate networks, with connections to the Black Basta ransomware operators.
A separate LockBit Black ransomware campaign utilizes the Phorpiex botnet to spread ransomware via email.
The Mallox ransomware group exploits Microsoft SQL servers, operates on a ransomware-as-a-service model, and uses a double extortion tactic, targeting various industries.
Summary based on 1 source
Get a daily email with more Tech stories
Source
The Hacker News • May 14, 2024
Ongoing Campaign Bombarded Enterprises with Spam Emails and Phone Calls