Sansec cybersecurity experts: The new parasitic malware, spread by CronRAT, hijacks a host Nginx application to masquerade its presence.
Avaddon ransomware group started using DDoS attacks on victim’s networks. It’s the third threat actor, after SunCrypt and RagnarLocker, that adopt the “Triple Extortion” strategy to increase pressure on malware victims
Also Avaddon ransomware group started using DDoS attacks on victim’s networks to increase pressure. The cybercrime gang announced it on its data leak site, referring to a company that didn’t want to “cooperate”. This strategy was launched by SunCrypt, as the cybersecurity expert MalwareHunterTeam detected. When negotiations between a firm and the aggressors stalled, they launched a huge DDoS attack against it’s website to force it to return to dialogue with blackmailers via Tor. Later RagnarLocker threat actors did the same. This new strategy has been defined the “Triple Extortion” and probably is a growing trend among criminal hackers, as it was the “Double Extortion”, introduced by Maze.