Egregor Ransomware Now Hitting The Scene. A new ransomware strain burst onto the scene in September last year (2020). Dubbed ‘Egregor’ by the Digital Shadows research team discovered it has already claimed more than seventy victims in nineteen countries worldwide. Worse, the hackers controlling it appears just to be starting.
The malware’s expert designs and all of the hackers’ attacks’ detailed plans leads the research team at Digital Shadows to conclude that the strain has been under development for quite some time. ‘Egregor Ransomware’ isn’t running by a group of novices or low-level hackers.
While they may not be working directly for a Nation-State, they’ve got excellent skills and shouldn’t underestimate use by hackers. The research team concludes that Egregor Ransomware hackers just warming up, and the months ahead could see the number of attacks this group is responsible for multiply greatly.
Payments
Naturally, hackers using Egregor deploy ransomware of any kind for payment. In this case, the group behind Egregor sticks to convention and demands their ransom in BitCoin, with the exact price varying from one target to the next.
While the Egregor malware campaign hasn’t been operational long enough to draw any firm conclusions about how they initially breach a target network, available evidence suggests that phishing campaigns play a significant role. That’s not a great surprise since it’s one of the main ways most hackers get a foot in the door.
In any case, this is a dangerous piece of code and one to stay on the lookout. While the hackers behind it don’t gouge quite as deeply as some other ransomware strains currently in use, a successful attack by Egregor is still a lesson in pain that could seriously disrupt or even end your business. Stay vigilant, and make sure you’ve got a robust backup system in place.
