The ransomware encrypts files on the victim’s computer, adding the “.womp” extension, and displays a ransom note demanding payment in Bitcoin for decryption. The attack, known as the “Prince Ransomware,” utilizes a phishing scam that impersonates the British postal carrier Royal Mail. The open availability of Prince Ransomware on platforms like GitHub also highlights a broader issue within cybersecurity: the accessibility of malicious tools for educational purposes that threat actors can easily repurpose. This campaign lacks a decryption mechanism, unlike typical ransomware attacks, which aim to extort money in exchange for decrypting files. GBHackers on Security is a top cybersecurity news platform, delivering up-to-date coverage on breaches, emerging threats, malware, vulnerabilities, and global cyber incidents. Once opened, the second ZIP file contains a shortcut (LNK) file that executes JavaScript code designed to deploy the ransomware. Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world. The ransom note falsely claims that files have been exfiltrated and promises automatic decryption upon payment of 0.007 Bitcoins (approximately $400). The Prince Ransomware campaign underscores the importance of cybersecurity awareness and preparedness. Researchers at Proofpoint first detected the Prince Ransomware campaign in mid-September. A new ransomware campaign targeting individuals and organizations in the UK and the US has been identified. This campaign highlights the growing sophistication of cyber threats and the need for heightened vigilance among internet users. Organizations are advised to educate their employees about recognizing phishing attempts and suspicious communications, especially those involving unexpected attachments or requests for sensitive information. Additionally, organizations should implement robust security measures such as multi-factor authentication, regular software updates, and comprehensive data backup strategies. These steps can help mitigate the impact of ransomware attacks and ensure business continuity. Join us for an insightful panel discussion with Chandan Pani, CISO - LTIMindtree and Ashish Tandon, Founder & CEO – Indusface, as we explore the multifaceted role of compliance in securing modern enterprises. The attack method is insidious, involving contact forms on target organizations’ websites rather than traditional email phishing methods. The attackers send messages that appear to originate from a Proton Mail address, masquerading as official communications from Royal Mail.
This Cyber News was published on gbhackers.com. Publication date: Fri, 04 Oct 2024 09:13:06 +0000