Connect with us

Hi, what are you looking for?

Tech & Science

New BlackHat Ransomware goal is obfuscation

The FBI warning of BlackHat Ransomware finds it has breached over 60 organizations worldwide

Image: © AFP
Image: © AFP

Earlier in 2022, the U.S. FBI issued a warning about BlackHat Ransomware. The criminal entity has breached over 60 organizations worldwide. The BlackHat virus is a ransomware-type infection that locks (encrypts) files and demands ransom payments in return for decryption keys/tools.

The ransomware being used by the hackers notable for being the first-ever malware written in the Rust programming language, which is known to be memory safe and offer improved performance.

Looking into further developments with the hacking group for Digital Journal is Dave Klein, Director, Cyber Evangelist of Cymulate.

According to Klein: “The use of Rust is significant as it is an attempt at attack obfuscation. This uses existing techniques but is obfuscated by using a new programming language that may go beyond existing security controls.”

Delving further into the FBI report, Klein finds: “The other interesting thing the FBI notes is that former Darkside ransomware group members and affiliates are associated with this campaign. Similar to Darknet criminal marketplaces when a marketplace is shut down, the vendors move to a new marketplace.”

An example of such a marketplace is Silk Road, which was an online black market and the first modern darknet market. The site was notorious for selling large quantities of drugs. Since then, many other illicit marketplaces have arisen.

As to the significance, Klein considers: “What does that show? When your previous ransomware group gets shut down, the members will take their skill sets and move on to other opportunities.”

Hospital cyberattack puts lives at risk

Moving across the Atlantic to a French hospital that had to disconnect after hackers stole data. The impacted facility was the GHT Coeur Grand Est. Hospitals and Health Care group, located in Northeast France.

Mike DeNapoli, lead security architect of Cymulate adds further context to the incident impacting the 3,370 beds hospital, telling Digital Journal:  “This is a disastrous event for the region in which this hospital serves.  Blocking all connectivity disconnects them from their patients as much as it does from the attackers.”

According to DeNapoli: “This also means that they cannot obtain the same level of rapid assistance from external Incident Responders.  We see, yet again, another example of how ruthless attackers are, where they will risk the health and lives of real human beings in the pursuit of payouts, and how healthcare organizations are not ready to address these threats effectively.”

Avatar photo
Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:

Business

The mindset of "trust none, verify all" is based on the zero-trust paradigm and is applied through identity authentication.

Tech & Science

15 percent of people aged 40-75 have a form of undiagnosed high blood pressure (or hypertension) that occurs only at night-time.

Social Media

It is sensible to limit the amount of information present on social media accounts.

Tech & Science

While looking for a missing planet in the 18th century, astronomer Giuseppe Piazzi discovered the very first asteroid, Ceres.