A new ransomware operator has appeared, and this one is gaining fame quite quickly. MalwareHunterTeam cybersecurity researchers recently uncovered a previously unbranded and relatively low-profile group. The group is now called “Trigona” and has become very active.
BleepingComputer found that over the past few months, a group of cybercriminals has managed to compromise and encrypt the files of many targets, including a real estate company and an entire German village, adding that the number of attacks is increasing worldwide.
Paying in Monero
Details are scarce. Researchers have yet to determine exactly how Trigona compromises endpoints on its targets' networks, and whether it uses a zero-day or known malware for the breach.
The exact ransom demand is also unknown, although as with other groups, Trigona is most likely negotiating the price with its victims. The group has created a dedicated Tor website with a help chat window where victims can negotiate further.
All we know is that the ransom must be paid in Monero, a privacy-oriented cryptocurrency whose transactions are very difficult to track. Hence, hackers and cybercriminals like it a lot.
The publication also said the group exfiltrates data to a third location and later threatens to disclose it if its demands are not met, although this has yet to be verified. There are no active negotiations at the moment.
Trigona offers its victims the opportunity to decrypt five 5 MB files for free to demonstrate that its decryptor is legitimate and works. However, cybersecurity researchers and law enforcement warn companies against paying the ransom for a number of reasons.
Paying the ransom does not guarantee full restoration of network and file access, nor does it guarantee that the business will not be attacked again. Moreover, paying only motivates cybercriminals to continue their activities.
Instead, businesses should opt for robust cybersecurity packages, regular backups, and educating employees about the risks of cybercrime.
By: BleepingComputer