This is the best summary I could come up with:
Hackers have adopted a “strategy” of infiltrating systems in the developing world before moving to higher-value targets such as in North America and Europe, according to a report published on Wednesday by cyber security firm Performanta.
Recent ransomware targets include a Senegalese bank, a financial services company in Chile, a tax firm in Colombia, and a government economic agency in Argentina, which were hit as part of gangs’ dry runs in developing countries, the data showed.
Medusa, a cyber gang that “turns files into stone” by stealing and encrypting companies’ data, began to attack businesses in 2023 in South Africa, Senegal, and Tonga, the Performanta report said.
!.txt., would instruct the user to log on to the dark web and start ransom negotiation with the gang’s “customer service.” If victims refuse, the cyber attackers publish the stolen data.
Cyber security companies monitor the dark web for information and then set up “honeypots”—fake websites that mimic attractive targets—in developing nations to catch experimental attacks at an early stage.
When a group of cyber attackers this year began discussing a new vulnerability, named CVE-2024-29201, they “specifically targeted a few [exposed servers] in third world countries to test out how reliable the exploit was,” said Izrael from Armis, whose analysts were monitoring the gang’s conversations on the dark web.
The original article contains 745 words, the summary contains 216 words. Saved 71%. I’m a bot and I’m open source!
RavuAlHemio@lemmy.world 6 months ago
The stock image says “RAMSOMWARE” with an M instead of the N…