Early Monday morning on the 4th of November, two Spanish companies, Everis (an IT consulting firm) and Cadena SER (Spain’s largest radio network), were simultaneously hit with ransomware. While the type of ransomware that hit Cadena SER is unknown, Everis has confirmed that it was hit with BitPaymer ransomware. BitPaymer is typically distributed through malicious emails containing Dridex, which threat actors use to gain a foothold in a network and maintain persistence. Once a foothold is gained, the threat actors perform full reconnaissance and harvest Active Directory credentials. From there, they deploy BitPaymer.