
    ‘Dark Power’ Ransomware Extorts 10 Targets in Less Than a Month

    By justmattg | March 26, 2023


    A nascent ransomware gang has burst onto the scene with vigor, breaching at least 10 organizations in less than a month’s time.

    The group, which Trellix researchers have named “Dark Power,” is in most ways like any other ransomware group. But it separates itself from the pack due to sheer speed and lack of tact — and its use of the Nim programming language.

    “We first observed them in the wild around the end of February,” notes Duy Phuc Pham, one of the authors of a Thursday blog post profiling Dark Power. “So it’s only been half a month, and already 10 victims are affected.”

    What’s odd is that there seems to be no rhyme or reason as to whom Dark Power targets, Trellix researchers said. The group has added to its body count in Algeria, the Czech Republic, Egypt, France, Israel, Peru, Turkey, and the US, across the agricultural, education, healthcare, IT, and manufacturing sectors.

    Using Nim as an Advantage

    One other significant way that Dark Power distinguishes itself is in its choice of programming language.

    “We see that there is a trend where cybercriminals are extending to other programming languages,” Pham says. The trend is fast spreading among threat actors. “So even though they’re using the same kind of tactics, the malware will evade detection.”

    Dark Power utilizes Nim, a high-level language its creators describe as efficient, expressive, and elegant. Nim was “a bit of an obscure language originally,” the authors noted in their blog post, but “is now more prevalent with regards to malware creation. Malware creators use it since it is easy to use and it has cross-platform capabilities.”

    It also makes it more difficult for the good guys to keep up. “The cost of the continuous upkeep of knowledge from the defending side is higher than the attacker’s required skill to learn a new language,” according to Trellix.

    What Else We Know About Dark Power

    The attacks themselves follow a well-worn ransomware playbook: Social-engineering victims through email, downloading and encrypting files, demanding ransoms, and extorting victims multiple times regardless of whether they pay.

    The gang also engages in classic double extortion. Even before victims know they’ve been breached, Dark Power “might have already collected their sensitive data,” Pham explains. “And then they use it for the second ransom. This time they say that if you’re not going to pay, we’re going to make the information public or sell it on the Dark Web.”

    As always, it’s a Catch-22, though, because “there is no guarantee that if you pay the ransom, there will be no consequences.”

    Thus, enterprises need to have policies and procedures in place to protect themselves, including the ability to detect Nim binaries.

    “They can try to establish robust backup and recovery systems,” says Pham. “This is, I think, the most important thing. We also suggest that organizations have a very precise, very powerful incident response plan in place before all of this can happen. With that, they can reduce the impact of the attack if it occurs.”
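
One way to triage files for the Nim-binary detection mentioned above, as an added example that is not from the article or from Trellix: a Python heuristic that looks for strings the Nim runtime commonly leaves in compiled executables. The marker list, function names and sample bytes are assumptions constructed for illustration; a hit means "compiled with Nim," not "malicious."

```python
"""Heuristic triage for Nim-compiled executables (added example)."""
import re
import sys

# Assumption: artifacts the Nim compiler and standard library commonly leave in
# unstripped binaries. Legitimate Nim software contains them too, so a match is
# a reason to look closer, not a verdict.
NIM_MARKERS = {
    "entry_symbols": re.compile(rb"NimMain(?:Inner|Module)?\b"),
    "stdlib_sources": re.compile(rb"\b(?:system|fatal|io|alloc|osalloc)\.nim\b"),
    "runtime_messages": re.compile(rb"Illegal storage access|unhandled exception"),
    "gc_runtime": re.compile(rb"\bnimGC_\w+|\bnimRegisterGlobalMarker\b"),
}

def exe_format(data: bytes):
    """Identify PE, ELF or Mach-O by magic bytes (Nim targets all three)."""
    if data[:2] == b"MZ":
        return "PE"
    if data[:4] == b"\x7fELF":
        return "ELF"
    if data[:4] in (b"\xcf\xfa\xed\xfe", b"\xce\xfa\xed\xfe", b"\xca\xfe\xba\xbe"):
        return "Mach-O"
    return None

def nim_indicators(data: bytes, min_families: int = 2) -> dict:
    """Report which marker families appear; flag only executables with several."""
    fmt = exe_format(data)
    hits = {}
    for family, pattern in NIM_MARKERS.items():
        found = sorted({m.group(0).decode("ascii") for m in pattern.finditer(data)})
        if found:
            hits[family] = found
    # Requiring an executable header and >= 2 families keeps a document that
    # merely mentions "NimMain" from being flagged.
    likely = fmt is not None and len(hits) >= min_families
    return {"format": fmt, "hits": hits, "likely_nim": likely}

# Constructed sample inputs (not real binaries).
SAMPLE_NIM = (b"MZ" + b"\x00" * 64 + b"NimMainModule\x00fatal.nim\x00"
              b"SIGSEGV: Illegal storage access. (Attempt to read from nil?)\n")
SAMPLE_OTHER = b"MZ" + b"\x00" * 64 + b"This program cannot be run in DOS mode.\x00"
SAMPLE_TEXT = b"notes about NimMain and fatal.nim"

if __name__ == "__main__":
    for path in sys.argv[1:]:
        with open(path, "rb") as fh:
            print(path, nim_indicators(fh.read()))
```

Stripped or packed samples can remove these strings, so treat a negative result as "no evidence," and pair the check with behavioral detection.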
