Prince Ransomware Hits UK and US via Royal Mail Phishing Scam

The ransomware encrypts files on the victim’s computer, adding the “.womp” extension, and displays a ransom note demanding payment in Bitcoin for decryption. The attack, known as the “Prince Ransomware,” utilizes a phishing scam that impersonates the British postal carrier Royal Mail. The open availability of Prince Ransomware on platforms like GitHub also highlights a broader issue within cybersecurity: the accessibility of malicious tools for educational purposes that threat actors can easily repurpose. This campaign lacks a decryption mechanism, unlike typical ransomware attacks, which aim to extort money in exchange for decrypting files. GBHackers on Security is a top cybersecurity news platform, delivering up-to-date coverage on breaches, emerging threats, malware, vulnerabilities, and global cyber incidents. Once opened, the second ZIP file contains a shortcut (LNK) file that executes JavaScript code designed to deploy the ransomware. Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world. The ransom note falsely claims that files have been exfiltrated and promises automatic decryption upon payment of 0.007 Bitcoins (approximately $400). The Prince Ransomware campaign underscores the importance of cybersecurity awareness and preparedness. Researchers at Proofpoint first detected the Prince Ransomware campaign in mid-September. A new ransomware campaign targeting individuals and organizations in the UK and the US has been identified. This campaign highlights the growing sophistication of cyber threats and the need for heightened vigilance among internet users. Organizations are advised to educate their employees about recognizing phishing attempts and suspicious communications, especially those involving unexpected attachments or requests for sensitive information. Additionally, organizations should implement robust security measures such as multi-factor authentication, regular software updates, and comprehensive data backup strategies. These steps can help mitigate the impact of ransomware attacks and ensure business continuity. Join us for an insightful panel discussion with Chandan Pani, CISO - LTIMindtree and Ashish Tandon, Founder & CEO – Indusface, as we explore the multifaceted role of compliance in securing modern enterprises. The attack method is insidious, involving contact forms on target organizations’ websites rather than traditional email phishing methods. The attackers send messages that appear to originate from a Proton Mail address, masquerading as official communications from Royal Mail.

This Cyber News was published on gbhackers.com. Publication date: Fri, 04 Oct 2024 09:13:06 +0000


Cyber News related to Prince Ransomware Hits UK and US via Royal Mail Phishing Scam

FBI: Royal ransomware asked 350 victims to pay $275 million - The FBI and CISA revealed in a joint advisory that the Royal ransomware gang has breached the networks of at least 350 organizations worldwide since September 2022. In an update to the original advisory published in March with additional information ...
1 year ago Bleepingcomputer.com
Prince Ransomware Hits UK and US via Royal Mail Phishing Scam - The ransomware encrypts files on the victim’s computer, adding the “.womp” extension, and displays a ransom note demanding payment in Bitcoin for decryption. The attack, known as the “Prince Ransomware,” utilizes a ...
2 months ago Gbhackers.com
Royal ransomware may soon rebrand, BlackSuit links confirmed The Register - The FBI and the US govt's Cybersecurity and Infrastructure Security Agency have released fresh guidance on the Royal ransomware operation, saying that evidence suggests it may soon undergo a long-speculated rebrand. The agencies didn't specify a ...
1 year ago Theregister.com
Spear Phishing vs Phishing: What Are The Main Differences? - Almost half of them used phishing to obtain the passwords of users. Highly targeted phishing campaigns against specific individuals or types of individuals are known as spear phishing. It's important to be able to spot phishing in general. For ...
10 months ago Techrepublic.com
Hackers pose as British postal carrier to deliver Prince ransomware in destructive campaign - “Based on the lack of a link to determine which user has paid to have their files decrypted, and which infected computer belongs to the user who paid, paired with the lack of communication instructions, this appears to be a destructive attack, with ...
2 months ago Therecord.media
Group behind LockBit ransomware claims responsibility for cyberattack on Royal Mail - The LockBit ransomware group has been linked to a cyberattack on the UK's leading mail delivery service, Royal Mail, which has caused severe disruption to their international shipping services. LockBitSupport, the ransomware gang's public-facing ...
1 year ago Bleepingcomputer.com
The Top 10 Ransomware Groups of 2023 - This article takes an in-depth look at the rise in ransomware attacks over the past year and the criminal groups driving the surge in cyber extortion. LockBit has established itself as one of the most notorious ransomware operations since emerging on ...
11 months ago Securityboulevard.com
New Phishing Scam Hooks META Businesses with Trademark Threats - The phishing scam falsely asserts that the victim's Facebook page will be permanently deleted due to a post allegedly infringing on trademark rights. There is no actual infringement; it's all part of the scammer's malicious plan. In a recent wave of ...
11 months ago Hackread.com
A type of malicious software called Royal Ransomware designed for Linux systems is attacking VMware ESXi servers - The latest ransomware operation to target Linux devices is Royal Ransomware. It is specifically designed to encrypt VMware ESXi virtual machines. Other ransomware gangs, such as Black Basta, LockBit, BlackMatter, AvosLocker, REvil, HelloKitty, ...
1 year ago Bleepingcomputer.com
Hackers distributing Prince Ransomware by impersonating Royal Mail - Cybersecurity Insiders - As hostilities continue to escalate between Israel and Iran, similar patterns of cyber aggression are anticipated, raising the stakes for cybersecurity on a global scale. The emergence of the Prince ransomware marks a worrying trend, as it joins the ...
2 months ago Cybersecurity-insiders.com
What SOCs Need to Know About Water Dybbuk - According to the Federal Bureau of Investigation, BEC costs victims more money than ransomware, with an estimated US$2.4 billion being lost to BEC in the US in 2021. Recently, BEC scammers have been using stolen accounts from legitimate Simple Mail ...
1 year ago Trendmicro.com
Threat of Data Breach by LockBit Ransomware Group Looms Over Royal Mail - The British postal and courier company Royal Mail has been listed on the LockBit ransomware group's extortion site, with the criminals giving them a deadline of Thursday, February 9th to make a payment. It is unclear what data the criminal group has ...
1 year ago Therecord.media
Hive Ransomware: A Detailed Analysis - This past week, on January 26th, to be exact, the FBI successfully shut down the Hive ransomware group and saved victims over a hundred million dollars in ransom payments and remediation costs. As ransomware continues to be a national security threat ...
1 year ago Heimdalsecurity.com
Check Point Research Unfolds: Navigating the Deceptive Waters: Unmasking A Sophisticated Ongoing NFT Airdrop Scam - Sophisticated Scam Targeting Token Holders: Over 100 popular projects' token holders targeted with fake NFT airdrops appearing from reputable sources. Multi-Stage Deception Uncovered: The ongoing Scam involves enticing victims to fraudulent websites ...
11 months ago Blog.checkpoint.com
Researchers link 3AM ransomware to Conti, Royal cybercrime gangs - Security researchers analyzing the activity of the recently emerged 3AM ransomware operation uncovered close connections with infamous groups, such as the Conti syndicate and the Royal ransomware gang. The 3AM ransomware gang's activity was first ...
11 months ago Bleepingcomputer.com
Flipping the BEC funnel: Phishing in the age of GenAI - For years, phishing was just a numbers game: A malicious actor would slap together an extremely generic email and fire it out to thousands of recipients in the hope that a few might take the bait. Common among these new techniques was a shift towards ...
11 months ago Helpnetsecurity.com
USPS Delivery Phishing Scam Exploits SaaS Providers to Steal Data - A new USPS Delivery Phishing Scam has surfaced, in which scammers are exploiting Freemium Dynamic DNS and SaaS Providers to steal victims' login credentials and other data. Cybersecurity researchers at Bloster AI have uncovered a new USPS Delivery ...
1 year ago Hackread.com
The Week in Ransomware - Governments struck back this week against members of ransomware operations, imposing sanctions on one threat actor and sentencing another to prison. On Tuesday, the Australian, US, and UK governments announced sanctions against Aleksandr Gennadievich ...
10 months ago Bleepingcomputer.com
Fraudulent "CryptoRom" Apps Slip Through Apple and Google App Store Review Process - Pig Butchering, also known as Sha Zhu Pan and CryptoRom, is an ugly name for an ugly scam. What is new is that apps perpetrating the scam can be downloaded from the official Apple and Android app stores - giving them greater apparent validity to ...
1 year ago Securityweek.com
Combat Phishing Attacks With AI-Powered Threat Protection - According to statistics, 81% of organizations have seen an increase in phishing emails since 2020, with an estimated 3.4 billion emails sent every day. AI-generated phishing emails are a sophisticated and evolving cybersecurity threat. ...
10 months ago Gbhackers.com
Medusa Ransomware Turning Your Files into Stone - Unit 42 Threat Intelligence analysts have noticed an escalation in Medusa ransomware activities and a shift in tactics toward extortion, characterized by the introduction in early 2023 of their dedicated leak site called the Medusa Blog. The Unit 42 ...
11 months ago Unit42.paloaltonetworks.com
Ransomware Roundup - The Ransomware Roundup report aims to provide readers with brief insights into the evolving ransomware landscape and the Fortinet solutions that protect against those variants. This edition of the Ransomware Roundup covers the 8base ransomware. 8base ...
11 months ago Feeds.fortinet.com
Hackers Impersonate as Security Researcher Aid Ransom Victims - Hackers impersonate security researchers to exploit trust and credibility. Cybersecurity researchers at Arctic Wolf Labs recently discovered that hackers are actively impersonating security researchers to aid ransomware victims. Compounding the ...
11 months ago Cybersecuritynews.com
Ransomware's Impact May Include Heart Attacks, Strokes & PTSD - First-order harms: Direct targets of ransomware attacks. The increasing convergence of IT and OT leave physical infrastructures more vulnerable to ransomware, even though most ransomware operators lack the capability to directly compromise OT or ...
10 months ago Techrepublic.com
Royal Mail Nearly Fully Operational Following Ransomware Attack - Royal Mail was nearly back to full operations after a recent ransomware attack affected their online services for several days. The attack, which was first reported on 29th April, occurred as a result of cyber hackers targeting Royal Mail's email and ...
1 year ago Therecord.media

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)