Cybercriminals Recycle Ransomware Faster

Kumud Rathore

July 13, 2022

Researchers came across ransomware’s recycling campaign, which uses publicly available resources. Nokoyawa appeared and was first found by FortiGuard researchers. This was similar to Karma which can be tracked by Nemty.The April 2022 samples include three new features that increase the number of files that Nokoyawa can encrypt. The code was copied from numerous public sources e.g source of the now-defunct Babuk ransomware. It deletes volume snapshots by resizing the allocated space for snapshots of volume shadow copies to 1 byte – and because this size is insufficient for storing snapshots, Windows will delete them.Stopping an attacker earlier is important, and focusing on a few detected TTPs can stop a malware's assault capabilities in instances.To prioritize security strategies can impact on how businesses maximize their protection.Cyber hygiene is the second priority- learning the fundamentals of cyberwarfare can help everyone defend their organizations against attacks. Multi-factor authentication and password protection can help protect remote workers’ personal information, and knowing how to spot phishing emails and malvertising schemes will help employees avoid falling for these social engineering ploys.

Abridged fromSecurity Week