Some of the most notorious hackers avoid attacking organizations in Eastern European countries.
According to cybersecurity news site Krebson Security, the criminal organization behind the Colonial Pipeline cyberattack, DarkSide and other prominent hacking groups, have partners install malicious software on computers that speak a particular language. It is forbidden to do that.
This has been going on since the early days of organized cybercrime, “aiming to minimize surveillance and interference from local governments,” Krebs said in a post, where certain malware was found in Russia. A virtual keyboard in Russian or Ukrainian is installed.
Biden provided Putin’s list of 16 key infrastructure entities “off limits” against cyberattacks
Cybereason, a cybersecurity firm, confirmed in April that the dark side was being used against targets in English-speaking countries, evading targets in countries related to the former Soviet block countries. I pointed this out.
According to a Cybereason report in April, “DarkSide ransomware checks the system’s language when it first runs on an infected host to ensure that systems in former Soviet-speaking countries are not encrypted. I will do it. “
According to a Cybereason post, there is an installation ban list used by DarkSide based on the language of the software on the victim’s organization’s computer.
This includes Russian, Azerbaijani, Uzbek and Ukrainian.
WINDOWS 10 has built-in ransomware protection: How to use
The Photon Research Team at Digital Shadows, a cyber risk protection company, said in a note sent to Fox News that Avaddon ransomware contained a ban targeting the Commonwealth of Independent States (CIS) countries.
“Threat actors specializing in various types of cybercrime comply with this rule. This is not limited to ransomware groups. Many Russian cybercrime platforms have members who are victims of this area. The rules explicitly state that we should refrain from targeting ransomware, “says the Photon Research Team. ..
According to Inga Goddijn, Executive Vice President of Risk Based Security, cybercriminals behave much like any other criminal enterprise.
Click here to get the Fox News app
“They prefer to work from places where law enforcement agencies are loose or underfunded, or where they tend to turn a blind eye to their activities,” Godin said. “If you have the authority to allow business continuity in exchange for some protection from your local business, it’s not surprising to see attackers striving to meet that requirement.”
Worst hackers avoid attacks on Eastern European countries: Report
Source link Worst hackers avoid attacks on Eastern European countries: Report