{"id":1964,"date":"2022-03-30T08:54:30","date_gmt":"2022-03-30T08:54:30","guid":{"rendered":"https:\/\/fortgale.com\/threats\/?page_id=1964"},"modified":"2024-01-03T09:17:26","modified_gmt":"2024-01-03T09:17:26","slug":"ransomware","status":"publish","type":"page","link":"https:\/\/fortgale.com\/threats\/ransomware\/","title":{"rendered":"Ransomware"},"content":{"rendered":"
\n \n
\n \n \n
\n \n
\n \n
\n \n
\n
\n \n \n
\n \n
\n \n
\n \n \n

Lockbit<\/h3>\n <\/div>\n <\/div>\n
\n \n \n
\n

Alias: <\/span>BITWISE SPIDER<\/span><\/p>\n <\/div>\n <\/div>\n

\n \n \n
\n

The first activities attributed to Lockbit were recorded in September 2019, Ransomware became popular in 2021 thanks to the development of the LockBit 2.0 RaaS.<\/strong><\/p>\n

The Ransomware was used in attacks on more than 2,000 companies worldwide.<\/p>\n

Lockbit uses the double extortion technique, in addition to that for data they require an additional ransom for non-disclosure of sensitive data.<\/p>\n

LockBit affiliates (or Operators) often perform\n Brute-Force activities to gain RDP or VPN access to Companies, often purchase credentials in criminal marketplaces or use Phishing techniques to compromise victims’ accounts.<\/u>\n <\/p>\n

This ransomware uses AES algorithm in CBC mode to encrypt victims’ data.<\/p>\n <\/div>\n <\/div>\n

\n \n
\n \n \n
Sources:<\/h6>\n <\/div>\n <\/div>\n
\n \n
Fortgale Analysis<\/span><\/a>\n <\/span> Malpedia<\/span><\/a>\n <\/span>\n <\/div>\n <\/div>\n <\/div>\n <\/div>\n <\/div>\n
\n
\n \n \n
\n \n
\n \n
\n \n \n

Conti<\/h3>\n <\/div>\n <\/div>\n
\n \n \n
\n

Alias: –<\/strong><\/p>\n <\/div>\n <\/div>\n

\n \n \n
\n

The Conti criminal group develops and maintains the RaaS (Ransomware-as-a-Service) service, the first samples of which date back to 2019.<\/p>\n

This is a highly efficient, multi-threaded ransomware used in targeted operations against large businesses. The name derives from the “.CONTI” format in which files encrypted via AES-256 and RSA-4096 are saved.<\/p>\n

Initial access to infrastructure is often achieved through malware such as EMOTET, TRICKBOT<\/strong> and COBALT STRIKE<\/strong>, or through RDP and VPN credential theft.<\/p>\n <\/div>\n <\/div>\n

\n \n
\n \n \n
Sources:<\/h6>\n <\/div>\n <\/div>\n
\n \n
Fortgale Analysis<\/span><\/a>\n <\/span> Malpedia<\/span><\/a>\n <\/span>\n <\/div>\n <\/div>\n <\/div>\n <\/div>\n <\/div>\n
\n
\n \n \n
\n \n
\n \n
\n \n \n

Hive<\/h3>\n <\/div>\n <\/div>\n
\n \n \n
\n

Alias: VICE SPIDER
<\/strong><\/p>\n <\/div>\n <\/div>\n

\n \n \n
\n

Hive is the name of the group that develops and maintains the Hive RaaS <\/strong>service, born in 2021. The affiliates, to compromise the victim infrastructures, exploit various techniques based on the initial compromise via\n Phishing and Malware.<\/p>\n

Hive uses the double extortion technique<\/strong>, in addition to the ransom for the data, it requests an additional ransom for the non-disclosure of sensitive data.<\/p>\n <\/div>\n <\/div>\n

\n \n
\n \n \n
Sources:<\/h6>\n <\/div>\n <\/div>\n
\n \n
Fortgale Analysis<\/span><\/a>\n <\/span> Malpedia<\/span><\/a>\n <\/span>\n <\/div>\n <\/div>\n <\/div>\n <\/div>\n <\/div>\n <\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"

Lockbit Alias: BITWISE SPIDER The first activities attributed to Lockbit were recorded in September 2019, Ransomware became popular in 2021 thanks to the development of the LockBit 2.0 RaaS. The Ransomware was used in attacks on more than 2,000 companies worldwide. Lockbit uses the double extortion technique, in addition to that for data they require […]<\/p>\n","protected":false},"author":7,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"page-templates\/full-width-page.php","meta":{"footnotes":""},"class_list":["post-1964","page","type-page","status-publish","hentry"],"yoast_head":"\nFortgale and Cyber Threats - Ransomware<\/title>\n<meta name=\"description\" content=\"Informazioni tecniche relative a Malware, Ransomware, strumenti offensivi e tecniche di compromissione.\" \/>\n<meta name=\"robots\" content=\"noindex, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<meta property=\"og:locale\" content=\"it_IT\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Fortgale and Cyber Threats - Ransomware\" \/>\n<meta property=\"og:description\" content=\"Informazioni tecniche relative a Malware, Ransomware, strumenti offensivi e tecniche di compromissione.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/fortgale.com\/threats\/ransomware\/\" \/>\n<meta property=\"og:site_name\" content=\"Fortgale and Cyber Threats\" \/>\n<meta property=\"article:modified_time\" content=\"2024-01-03T09:17:26+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/fortgale.com\/threats\/wp-content\/uploads\/sites\/3\/2022\/03\/Fortgale_Threats.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1920\" \/>\n\t<meta property=\"og:image:height\" content=\"1080\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Tempo di lettura stimato\" \/>\n\t<meta name=\"twitter:data1\" content=\"3 minuti\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/fortgale.com\\\/threats\\\/ransomware\\\/\",\"url\":\"https:\\\/\\\/fortgale.com\\\/threats\\\/ransomware\\\/\",\"name\":\"Fortgale and Cyber Threats - Ransomware\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/fortgale.com\\\/threats\\\/#website\"},\"datePublished\":\"2022-03-30T08:54:30+00:00\",\"dateModified\":\"2024-01-03T09:17:26+00:00\",\"description\":\"Informazioni tecniche relative a Malware, Ransomware, strumenti offensivi e tecniche di compromissione.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/fortgale.com\\\/threats\\\/ransomware\\\/#breadcrumb\"},\"inLanguage\":\"it-IT\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/fortgale.com\\\/threats\\\/ransomware\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/fortgale.com\\\/threats\\\/ransomware\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/fortgale.com\\\/threats\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Ransomware\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/fortgale.com\\\/threats\\\/#website\",\"url\":\"https:\\\/\\\/fortgale.com\\\/threats\\\/\",\"name\":\"Fortgale and Cyber Threats\",\"description\":\"Fortgale Threats, ATT&CK, Malware...\",\"publisher\":{\"@id\":\"https:\\\/\\\/fortgale.com\\\/threats\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/fortgale.com\\\/threats\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"it-IT\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/fortgale.com\\\/threats\\\/#organization\",\"name\":\"Fortgale\",\"url\":\"https:\\\/\\\/fortgale.com\\\/threats\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"it-IT\",\"@id\":\"https:\\\/\\\/fortgale.com\\\/threats\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/fortgale.com\\\/threats\\\/wp-content\\\/uploads\\\/sites\\\/3\\\/2022\\\/04\\\/logo_blu.png\",\"contentUrl\":\"https:\\\/\\\/fortgale.com\\\/threats\\\/wp-content\\\/uploads\\\/sites\\\/3\\\/2022\\\/04\\\/logo_blu.png\",\"width\":558,\"height\":125,\"caption\":\"Fortgale\"},\"image\":{\"@id\":\"https:\\\/\\\/fortgale.com\\\/threats\\\/#\\\/schema\\\/logo\\\/image\\\/\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Fortgale and Cyber Threats - Ransomware","description":"Informazioni tecniche relative a Malware, Ransomware, strumenti offensivi e tecniche di compromissione.","robots":{"index":"noindex","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"og_locale":"it_IT","og_type":"article","og_title":"Fortgale and Cyber Threats - Ransomware","og_description":"Informazioni tecniche relative a Malware, Ransomware, strumenti offensivi e tecniche di compromissione.","og_url":"https:\/\/fortgale.com\/threats\/ransomware\/","og_site_name":"Fortgale and Cyber Threats","article_modified_time":"2024-01-03T09:17:26+00:00","og_image":[{"width":1920,"height":1080,"url":"https:\/\/fortgale.com\/threats\/wp-content\/uploads\/sites\/3\/2022\/03\/Fortgale_Threats.png","type":"image\/png"}],"twitter_card":"summary_large_image","twitter_misc":{"Tempo di lettura stimato":"3 minuti"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/fortgale.com\/threats\/ransomware\/","url":"https:\/\/fortgale.com\/threats\/ransomware\/","name":"Fortgale and Cyber Threats - Ransomware","isPartOf":{"@id":"https:\/\/fortgale.com\/threats\/#website"},"datePublished":"2022-03-30T08:54:30+00:00","dateModified":"2024-01-03T09:17:26+00:00","description":"Informazioni tecniche relative a Malware, Ransomware, strumenti offensivi e tecniche di compromissione.","breadcrumb":{"@id":"https:\/\/fortgale.com\/threats\/ransomware\/#breadcrumb"},"inLanguage":"it-IT","potentialAction":[{"@type":"ReadAction","target":["https:\/\/fortgale.com\/threats\/ransomware\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/fortgale.com\/threats\/ransomware\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/fortgale.com\/threats\/"},{"@type":"ListItem","position":2,"name":"Ransomware"}]},{"@type":"WebSite","@id":"https:\/\/fortgale.com\/threats\/#website","url":"https:\/\/fortgale.com\/threats\/","name":"Fortgale and Cyber Threats","description":"Fortgale Threats, ATT&CK, Malware...","publisher":{"@id":"https:\/\/fortgale.com\/threats\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/fortgale.com\/threats\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"it-IT"},{"@type":"Organization","@id":"https:\/\/fortgale.com\/threats\/#organization","name":"Fortgale","url":"https:\/\/fortgale.com\/threats\/","logo":{"@type":"ImageObject","inLanguage":"it-IT","@id":"https:\/\/fortgale.com\/threats\/#\/schema\/logo\/image\/","url":"https:\/\/fortgale.com\/threats\/wp-content\/uploads\/sites\/3\/2022\/04\/logo_blu.png","contentUrl":"https:\/\/fortgale.com\/threats\/wp-content\/uploads\/sites\/3\/2022\/04\/logo_blu.png","width":558,"height":125,"caption":"Fortgale"},"image":{"@id":"https:\/\/fortgale.com\/threats\/#\/schema\/logo\/image\/"}}]}},"_links":{"self":[{"href":"https:\/\/fortgale.com\/threats\/wp-json\/wp\/v2\/pages\/1964","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/fortgale.com\/threats\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/fortgale.com\/threats\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/fortgale.com\/threats\/wp-json\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"https:\/\/fortgale.com\/threats\/wp-json\/wp\/v2\/comments?post=1964"}],"version-history":[{"count":20,"href":"https:\/\/fortgale.com\/threats\/wp-json\/wp\/v2\/pages\/1964\/revisions"}],"predecessor-version":[{"id":3273,"href":"https:\/\/fortgale.com\/threats\/wp-json\/wp\/v2\/pages\/1964\/revisions\/3273"}],"wp:attachment":[{"href":"https:\/\/fortgale.com\/threats\/wp-json\/wp\/v2\/media?parent=1964"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}