A new ransomware strain burst onto the scene in September of this year (2020). Dubbed ‘Egregor’ by the research team at Digital Shadows who discovered it, it has already claimed more than seventy victims in nineteen countries around the world. Worse, the hackers controlling it appear to just be getting started.
The malware is expertly designed and all of the hackers’ attacks have been meticulously planned. This information lead the research team at Digital Shadows to conclude that the strain has been under development for quite some time, and that this operation isn’t being run by a group of novices or low-level hackers.
While they may not be working directly for a Nation-State, they’ve got serious skills and should not be underestimated. The research team concludes that they’re just getting warmed up, and the months ahead could see the number of attacks this group is responsible for multiply greatly.
Naturally, hackers who deploy ransomware of any kind, do so in order to get paid. In this case, the group behind Egregor sticks to convention and demands their ransom in BitCoin, with the exact price varying from one target to the next.
While the malware campaign hasn’t been operational long enough to draw any firm conclusions about how they initially breach a target network, available evidence suggests that phishing campaigns play a major role. That’s not a great surprise, since it’s one of the main ways most hackers get a foot in the door.
In any case, this is a dangerous piece of code, and one to stay on the lookout for. While the hackers behind it don’t gouge quite as deeply as some other ransomware strains currently in use, a successful attack is still a lesson in pain that could seriously disrupt, or even end your business. Stay vigilant, and make sure you’ve got a robust backup system in place.