X-Industry

Our Friends at Fortinet have provided its latest technical analysis of the Ragnar Locker ransomware.

Affected platforms:          Microsoft Windows
Impacted parties:            Microsoft Windows Users
Impact:                            Encrypts files on the compromised machine and demands ransom for file decryption
Severity level:                  High

Ragnar Locker is ransomware for Windows and Linux that exfiltrates information from a compromised machine, encrypts files using the Salsa20 encry

The Ragnar Locker ransomware group has decided to ratchet up the pressure on its latest high-profile victim, Italian liquor conglomerate Campari, by taking out Facebook ads threatening to release the 2TB of sensitive data it downloaded in a November 3, 2020 attack unless a US$15 million ransom is paid in Bitcoin.  Attacks that are carried out by the gang behind Ragnar Locker, break into company networks, make themselves admins, conduct reconnaissance, delete backups and deploy ransomware manuall

The popularity of ransomware threats does not seem to be decreasing. Instead, more and sophisticated ransomware threats are being deployed. Ragnar Locker is a new data encryption malware in this style. 

The actors behind Ragnar Locker partnered with the Maze ransomware gang as a means of extorting victims whose unencrypted data they had stolen.  This continued cooperation between ransomware gangs is a dangerous development.  The sharing of advice. Tactics and a centralized data leak platform bet

French container shipping company CMA CGM was hit by a major cyber-attack on 27 September 2020, which disrupted its daily operations.  According to Lloyd’s of London Intelligence sources, several of the company’s Chinese offices were affected by Ragnar Locker ransomware.   CMA CGM initially claimed that their booking system was disabled by an internal IT issue, but later confirmed “external access to CMA CGM IT applications are currently unavailable” after the ransomware attack.

CMA CGM is worki