Nefilim: When it comes to cyberattacks and computer hacking, it is clear that no one is safe. Anyone can have their computer, mobile phone, or other device hacked, regardless of whether they are rich or poor, laborer or count. But there are criminals who prefer to attack in a big way and go for the most succulent loot, such as the Nefilim ransomware group.
Ransomware, the malware of choice
Ransomware is a type of cyber threat that infects a computer or a network, encrypts it, and steals the information it contains, then demands a payment for its release, usually in a cryptocurrency. But modern attacks are selective, adaptive, and stealthy, using approaches that have already been tested and refined by advanced persistent threat (APT) groups.
According to a report by cybersecurity experts at Trend Micro, modern ransomware actors identify and target valuable data, often exfiltrating it from the victim organization’s network rather than simply encrypting it. This gives them another avenue of extortion: if the victim does not pay the ransom, the attacker may threaten to make the private data public. For companies that hold intellectual property, proprietary information, private employee data, and customer data, this is a serious concern.
That is because, in their industry, “any data breach will lead to regulatory penalties, lawsuits and damage to reputation.”
The Double Extortion
This tactic is the so-called ‘double extortion’, in which attackers threaten to leak the sensitive data they stole before deploying the ransomware in the compromised networks, as reported by Trend Micro in the results of its study on modern ransomware, the techniques it uses, and the type of organizations it targets. According to the report, an attack is usually no longer the work of a single person or group: different groups of cybercriminals are responsible for the different phases of the attacks.
“This is the by-product of a recent evolution in cybercriminals’ business operations: hackers are now partnering with ransomware actors to monetize hacking-related breaches,” they explain.
Trend Micro has focused on 16 modern ‘malware’ groups, analyzed between March 2020 and January 2021, of which Conti, Doppelpaymer, Egregor and REvil led in the number of exposed victims, and Cl0p had the most stolen data hosted online, with 5 TB.