US Federal Bureau of Investigation (FBI) has issued an alert that a new ransomware dubbed as Ranzy Locker is on the prowl in the wild and has so far attained success in victimizing over 30 companies operating in America.
Confirming the same, the Cybersecurity and Infrastructure Security Agency (CISA) issued a warning that Ranzy Locker Ransomware has the potential to target its victims through brute force attacks launched on Remote Desktop Protocol (RDP).
As usual, the said malware gang is reportedly spreading its wings by exploiting the vulnerability in Microsoft Exchange Servers like how REvil and Maze have done in the past.
Investigations made by the law enforcement agency state that the ransomware gang has so far targeted financial sector based companies and have stolen millions of files, including banking transactions, customer details, contact information, and other such details before encrypting the files.
Ranzy Locker malware is also available for rent and so any threat actors having the intention to make quick money are seen distributing the newly developed file encrypting malware.
Taking regular backups that can be efficiently used to data continuity when the need arises, implementing network segmentation, installing regular software and firmware updates, auditing user accounts at regular intervals, limiting access to RDPs, deploying email threat monitoring solutions on network servers and disabling links embedded in the mail will help in reducing the spread of ransomware say cyber experts from FBI.
Note- In November 2019, FBI issued a press update notifying companies not to pay a ransom to hackers, if in case, their data is compromised by malware as it encourages crime and also doesn’t guaranty a decryption key in return as soon as the ransom is paid.
