“Urgent action, everyone.” OldGremlin extortionists attack Russian companies again

Group-IB, a cybersecurity company, warned of a new wave of attacks on Russian companies by the Russian-language ransomware group OldGremlin.

As experts note, until recently, Russian-speaking criminal extortion groups had one unspoken rule – don’t touch Russian companies. However, OldGremlin was among the rare exceptions.

At the end of March, Group-IB discovered two new attacks on Russian companies on March 22 and 25. In the first mailing, dated March 22, the extortionists play up the topic of sanctions and the “complete withdrawal” of the Visa and Mastercard payment systems – the letter was written on behalf of a senior accountant of a Russian financial institution. In order to apply for a new bank card, “everyone urgently” had to study the instructions and fill out a form. In fact, the letters contained links to a malicious document on DropBox. Three days later, on March 25, OldGremlin sent a new mailing.

Group-IB experts speculate that the new mailings may have infected a large number of companies, and in the coming months, attackers will make their way into their infrastructure without too much haste, “slowly and carefully” bypassing their defenses.

Previous Post

MS Optics Sonnetar 50mm F1.3 lens with Leica M mount costs $955

Next Post

A special Opera crypto-browser became available for iPhone

Related Posts