snatch (6)

Who wants to mess with the food supply?  Foreign adversaries and crooks, that’s who.  The US food and agriculture sector dealt with at least 167 ransomware attacks last year, according to a leading industry group.  In its first annual report, the Food and Agriculture-Information Sharing and Analysis Center (Food and Ag-ISAC) said the industry was the seventh most targeted sector in the country, behind manufacturing, financial services and others.  Thus far in the first quarter of 2024, the secto

A known ransomware group claims to have breached the systems of Kraft Heinz, but the food company says it cannot verify the cybercriminals’ allegations.  The ransomware group named Snatch publicly named Kraft Heinz on its website on 14 December 2023, but the post appears to have been created on 16 August 2023, which indicates that the attack occurred months ago.

See:  https://redskyalliance.org/xindustry/snatch-ransomware

Snatch ransomware first appeared in 2018 and was formerly called Team Trun

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have released this joint CSA to disseminate known ransomware IOCs and TTPs associated with the Snatch ransomware variant.

Since mid-2021, Snatch threat actors have consistently evolved their tactics to take advantage of current trends in the cybercriminal space and leveraged successes of other ransomware variants’ operations.  Snatch threat actors have targeted a wide range of critical i

The Snatch Ransomware group was first discovered at the end of 2019. The ransomware gained publicity due to its novel encryption method, in which it reboots the target machine into safe mode and disables a number of security services before encrypting files, limiting the likelihood of detection.

The Ransomware also differs from major groups as they use targeted attacks rather than large phishing campaigns to gain access to specific companies. The group has been described as a big game hunter tha

Activity Summary - Week Ending on 17 December 2021:

  • Red Sky Alliance identified 39,374 connections from new IPs checking in with our Sinkholes
  • ru Still has Issues after 3 weeks
  • Analysts identified 4,459 new IP addresses participating in various Botnets
  • Zoho ManageEngine
  • Manga
  • Log4j
  • Ransomware bad actor arrested in Romania
  • Volvo Snatched
  • AgentTesla
  • Cyber Attacks are a National Security Concern
  • Kronos Attack

Link to full report: IR-21-351-001_weekly351.pdf

Activity Summary - Week Ending on 10 December 2021:

  • Red Sky Alliance identified 44,043 connections from new IPs checking in with our Sinkholes
  • dauction.ru Still has Issues
  • Analysts identified 3,806 new IP addresses participating in various Botnets
  • Phobos Ransomware
  • Yanluowang Ransomware
  • The Snatch Hacking Group
  • USB drives – Old Tactic
  • Hacker arrested in Ottawa
  • Becoming a Pro
  • Trains, Planes and Automobiles
  • MatchMG

Link to full report: IR-21-344-001_weekly344.pdf