With a surge in law enforcement operations against cybercriminals, Threat Actors are attempting to make their operations more low profile to avoid becoming a priority target of law enforcement agencies. The ransomware binary is a 32-bit console-based executable, as shown in Figure 1.įigure 15 – Sugar Ransomware Chat Support. Instead of targeting large organizations and publishing data leaks on dedicated leak websites, Sugar operates quite stealthily and avoids being mentioned in the news.Ĭyble Research Labs has analyzed a sample, and our findings have been presented in this blog. Sugar ransomware has not been making news because of its operational tactics. The Sugar ransomware appends the extension encoded01 to the end of the encrypted file’s name hence this ransomware is also often referred to as ‘Encoded01’ ransomware. This ransomware is named ‘Sugar’ Ransomware because the affiliate website is sugarpanel.space. The Walmart Security Team has identified a new Ransomware-as-a-Service (RaaS) group, primarily targeting small businesses and individual systems for relatively low ransom amounts. The impact of cyber-attacks has been increasing, which has put law enforcement agencies on high alert, leading to the arrests of Threat Actors (TAs) via their cryptocurrency trails.
Ransomware operations are highly lucrative for cybercriminals. New Ransomware group conducting low-profile attacks
0 kommentar(er)
