DragonForce Ransomware – What You Want To Know – Cyber Tech

What is going on on?

A comparatively new pressure of ransomware known as DragonForce has making the headlines after a collection of high-profile assaults.

Like many different ransomware teams, DragonForce makes an attempt to extort cash from its victims in two methods – locking corporations out of their computer systems and knowledge by encryption, and exfiltrating knowledge from compromised techniques with the specter of releasing it to others by way of the darkish net.

Thus far, so regular. How did DragonForce come to prominence?

DragonForce’s earliest identified ransomware assault was towards the Ohio Lottery. In that case, DragonForce boasted it had stolen over 600 GB of information – together with three million information containing names, e-mail addresses, social safety numbers, and different delicate data.

Different claimed victims have included Yakult Australia (95.19 GB of firm knowledge breached), and Coca-Cola in Singapore (413.92 GB.)

Did not in addition they hit some island lately?

You have to be pondering of the island of Palau within the Western Pacific.

In mid-March 2024, the federal government of Palau was hit by a ransomware assault that locked up computer systems. Bizarrely, ransom notes from two hacking gangs had been left behind – one from LockBit and one from DragonForce.

As Recorded Future reviews, the ransom notes gave the federal government differing directions on find out how to talk with the attackers, however the Tor hyperlinks offered didn’t work.

On its darkish net leak web site, the DragonForce ransomware gang threatened to launch data stolen from the island’s authorities, stating that negotiations had damaged down. Palauan authorities, nevertheless, denied having made any contact with the cybercriminals.

That is peculiar. What else ought to I learn about DragonForce?

Effectively, in one other weird twist, the DragonForce ransomware gang has lately been reported as publishing audio of its discussions with victims on its leaks web site.

Audio?

Sure. As TechCrunch reviews, a phone dialog between a member of the gang and considerably baffled entrance desk workers was posted on the group’s web site in an obvious try and strain an organization into paying a ransom.

DragonForce sounds somewhat determined if it has to telephone its victims to provoke negotiations…

It does slightly. However that does not imply that they can not nonetheless trigger lots of hurt and disruption if you’re unfortunate sufficient to be hit by the group’s ransomware.

So, who’s behind the DragonForce ransomware?

Though it’s unsure who’s liable for the DragonForce ransomware assaults, some within the cybersecurity group have linked the ransomware to the Malaysian hacking group and discussion board known as DragonForce Malaysia.

The same names mustn’t, after all, be thought-about proof of a connection – and it is at all times potential that the identify of DragonForce has been chosen deliberately by the ransomware gang to steer investigators off the scent, or as a bit of mischief-making. Or perhaps it is merely coincidence…

Though there are some weird facets to DragonForce, it nonetheless seems like I ought to take the menace severely.

My advice can be to take any ransomware group severely. In case your organisation falls sufferer then the implications might be very expensive.

What ought to we do to guard our enterprise from ransomware?

Your organisation ought to comply with secure computing practices to defend towards DragonForce and different ransomware assaults. These embrace:

• making safe offsite backups.
• operating up-to-date safety options and guaranteeing that your computer systems are protected with the newest safety patches towards vulnerabilities.
• Limit an attacker’s potential to unfold laterally by your organisation by way of community segmentation.
• utilizing hard-to-crack distinctive passwords to guard delicate knowledge and accounts, in addition to enabling multi-factor authentication.
• encrypting delicate knowledge wherever potential.
• lowering the assault floor by disabling performance that your organization doesn’t want.
• educating and informing workers in regards to the dangers and strategies utilized by cybercriminals to launch assaults and steal knowledge.

Keep secure.

Editor’s Observe: The opinions expressed on this visitor writer article are solely these of the contributor and don’t essentially replicate these of Tripwire.