Crypto ransomware attack against 30 US firms fails to find its target

Published by:
Posted on: June 29, 2020 6:06 pm EDT

Hackers try, and fail, to launch a massive attack against Fortune 500 firms

A new ransomware attack by a known hacker group was successfully blocked by the cybersecurity firm Symantec. The attack was directed against at least 30 US-based firms that are part of the Fortune 500 group. Symantec confirmed that the attack came from Evil Group, which usually targets victims’ IT infrastructures to later ask for Bitcoin payments.

Symantec was able to alert companies in time to prevent the group from deploying its ransomware WastedLocker, which was intended to be used to breach the company’s security network. Apparently, the hackers were able to breach the firms’ security, but were unsuccessful in laying the ground for staging the attacks. Not so long ago, the crypto new site Cointelegraph published a study from Fox-IT, a division of NCC Group, another cybersecurity firm, in which companies were warned about Evil Group’s criminal activities after having been inactive for a while.

Evil Group is a well-known hacking group that typically asks its victims to pay million-dollar ransom payments, mostly in Bitcoin, but also other cryptocurrencies. According to reports, this group has asked for a combined total of $10 million from an unknown number of US companies that were attacked before this attempt.

Symantec’s Targeted Attack Cloud Analytics team has been using machine learning to teach computers how to recognize patterns of activity that might be related to recent attacks and report it immediately, so the team was able to warn victims since the early stages of WastedLocker attacks.

There was no further information about which companies were victims of this blocked attack; however, Symantec said that the most affected sector was the manufacturing one because there were at least five organizations related to that industry during the attacks.