Many attacks and attack vectors remain successful because vulnerabilities are not addressed, and patches applied.
Compromised networks from unpatched vulnerabilities and bad security practices continue to be a fertile ground for hackers. Misconfigured security and access policies also are a major source of data breaches.
Another vulnerability hackers have preyed on is the employee. Employees have falling prey to phishing emails or fake websites leading to malware attacks allowing threats such as ransomware to infiltrate a company’s network. We have seen ransomware attacking servers and networks encrypting data on computing devices until a ransom is paid to hackers, leaving many businesses with no options but to pay to get their data back. But now a new type of ransomware has been reported called “Robinhood Ransomware”. In this ransomware, they are levying a penalty of $10,000 to victims failing to pay the ransom for every day beginning on the 4th day of encryption. One of the most unique features in this ransom is assuring the victim if they pay the ransom that they do not have to report the breach and that their secret is safe with them.
By assuring the victim of their privacy they are betting on the increased chance of the payment being made and in return the company attempting to prevent any negative publicity to save their reputation.
The attackers behind the RobinHood ransomware are actively trying to gain access to the network in the attempt to encrypt as many computers on the network as they can, deploying ransom notes under 4 different names on the infected machines. The names of these notes are
The encryption method being used is unknown but when files are encrypted, they will be renamed to something similar to Encrypted_b0a6c73e3e434b63.enc_robinhood.
Most recently, the ransomware named RobinHood has already made the news recently by infecting the network for the City of Greenville, North Carolina.
Contact MVR Group to learn how our IT Security services can help you.