The operators behind the Robbinhood ransomware have changed the ransom note delivered to their victims in an attempt to scare them into paying. Boastful and arrogant in their message, the cybercriminals point to past incidents where their ransomware was successful. The new ransom note showcases the Baltimore ransomware attack, when the city was extorted to pay $76,000 for the decryption keys, but the costs didn’t end there. The city reported spending over $10 million to recover from the attack and is spending an additional $6 million to harden its IT infrastructure to prepare for and defend against future attacks. This attack alone is enough to establish Robbinhood’s reputation, and the operators of the ransomware are using it to their advantage.

The new ransom note, found by Joakim Kennedy, lets the victim know that the operators have been lurking in the victim’s network for a while to learn the ropes and achieve widespread control of the victim’s systems. The instructions warn the victim not to work with the FBI or other security professionals. The note also states that turning off systems, renaming the files or trying to recover the computer “will damage your files.” Additionally, the note states, “You must pay us in 4 days if you don’t pay in the specific duration, the price increases $10,000 each day after that period. After 10 days your keys and your panel will be removed automatically.”