
Swiss Company Dismantles Global-Scale CyberCrime Campaign, Saving Thousands of Enterprises

YVERDON-IES-BAINS, SWITZERLAND / ACCESSWIRE / June 21, 2021 / PRODAFT, a Switzerland-based cyber-security company, has just published a report on the notorious LockBit ransomware cybercrime operation. According to the firm's report, the systems of more than 2100 enterprise victims were compromised and held hostage. After months of cyber-intelligence research, PRODAFT's team has not only de-anonymized the attackers but also rescued most of the victimized systems.

Ransomware has become one of the most popular attack methods. It relies on infiltrating enterprise systems, encrypting the data and taking all valuable files hostage. While most people experience these kinds of attacks in a more personal and generic manner on their own devices, highly organized global-scale cyber-crime groups use similar techniques to conduct the same operation in a more skillful, professional and dangerous manner. In addition to making the data inaccessible, most attackers threaten to publish the victim's data unless the ransom is paid by a certain time ("double extortion").

While ransomware has been in use for decades, it has gained much popularity among cyber criminals in recent years due to the level of experience required to conduct such attacks and the ease of using anonymous payment methods. Losses from ransomware attacks are expected to exceed $20 billion by 2021.

According to researchers from PRODAFT, LockBit has been an excellent example of these advanced ransomware operations in recent years. According to Ege Balcı, PRODAFT's threat intelligence team lead, 'Lockbit can automatically scan a network for useful targets, spread the infection, and encrypt all computers that are available. This ransomware is used in very unique attacks against companies and other organizations.'

Researchers from PRODAFT stated that they came across the LockBit operation following a support request from one of their clients. After analyzing different malware samples, the experts were able to detect the command and control server, the headquarters of the global operation. After overcoming various technical challenges while analyzing the command and control server, PRODAFT's researchers were able to uncover the entire operation, acquiring details about victim telemetry, money flow analysis, infrastructure analysis and, of course, profit estimations.

Koryak UZAN, co-founder of PRODAFT, states: 'An average ransom demanded from a victimized enterprise is around 85 thousand dollars. We have been able to access detailed chat logs between victims and criminals involving price negotiations. In some cases, we even detected that IT officers inside victim organizations were negotiating a secret share for themselves, acting on behalf of the criminals.'

It has further been indicated that ransomware continues to be a top priority on the agenda of public institutions and law enforcement agencies. EUROPOL's 'No More Ransomware' project is an important example of this. Acting as a support hub for targeted organizations, 'No More Ransomware' is an initiative that enables companies like PRODAFT to assist law enforcement and other public bodies in their fight against ransomware.

Organizations that have been targeted by LockBit and have not yet received their decryption key can go to PRODAFT's website or GitHub page to check whether their key has already been published.

Founded in 2012, PRODAFT is a Switzerland-based provider of Cyber Threat Intelligence and Cyber Security solutions. The company primarily works with critical infrastructures including, but not limited to, banking institutions, payment gateways, large e-commerce vendors, insurance providers and telecommunication companies. Aside from its commercial activities, PRODAFT's public articles and case reports are recognized and praised by SOCs, CERTs, CSIRTs and law enforcement agencies from different parts of the globe.

Note: Additional information about the case can be found in the case report: 
https://www.prodaft.com/m/reports/LockBit_Case_Report___TLPWHITE.pdf

Additionally, ZDNET's coverage of this topic can be found here for reference: https://www.zdnet.com/article/a-deep-dive-into-the-operations-of-the-lockbit-ransomware-group/

Mr. Koryak UZAN
Co-Founder
koryak@prodaft.com

SOURCE: PRODAFT SARL



View source version on accesswire.com:
https://www.accesswire.com/652460/Swiss-Company-Dismantles-Global-Scale-CyberCrime-Campaign-Saving-Thousands-of-Enterprises
