Russian-origin Zeppelin Ransomware hits Europe and US


Ransomware named Zeppelin is reported to be hitting healthcare and technology companies across the United States, Canada, and Europe. Security analysts from BlackBerry Cylance say the new ransomware is highly customizable and is believed to have been developed by hackers from Russia.

Zeppelin is believed to be a variant of the network-encrypting malware named VegaLocker and is reported to have been developed in November this year.

Highly placed sources say that the malware is targeting only companies operating in the West for now, and the month-long campaigns appear to be financially rewarding for the hackers.

The ransomware is reportedly being spread through malvertising operations and watering-hole attacks that are configured to deliver malicious payloads to the intended targets as EXE or DLL files, or bundled into a PowerShell loader. Because the malware campaign is being monitored through IP addresses, it is proving 100% successful for the hackers.

Zeppelin ransomware has also so far targeted few companies from Russia, Ukraine, Kazakhstan, or other countries that previously belonged to the Union of Soviet Socialist Republics (USSR).

What is interesting in this campaign is that targets are being selected deliberately rather than at random. Security researchers from BlackBerry Cylance say that the companies being targeted now are predetermined, based on a well-researched list made by hackers from the dark web or a state-funded hacking group.

Therefore, companies operating in the West, irrespective of the nature of their business, should be proactive, predictive and adaptive when it comes to implementing cybersecurity measures.