Ragnar Locker: FBI raises ransomware alert

The FBI has issued a warning warning of the existence of RagnarLocker ransomware, which has affected 52 entities in various sectors since the beginning of the year.

There is a nasty ransomware out there that operates on a mass encryption basis, which targets critical infrastructures, and which apparently is the same ransomware that last year gave Capcom a hard time. This is Ragnar Locker. This was made known by the FBI, through the publication of an extremely detailed report with which it reported the so-called IOCs, or indicators of compromise, associated with the attacks. Kaspersky Internet Security license, the best offer on Ragnar Locker: Affected 52 entities in various sectors since January 2022 Ragnar Locker was first discovered in April 2020 and the Federal Bureau of Investigation subsequently released a first report with known IOCs at the time. In the new report, the one released in the past few hours, these indicators have been updated, including IP addresses, addresses of cryptocurrencies and emails used.

Since January 2022, at least 52 entities have been affected in various sectors, including financial services, IT, energy and government, while avoiding some countries, especially Russia. Also, obfuscation techniques are often changed to get around detection. The most popular is the distribution of a virtual instance of Windows XP that bypasses antivirus. Countermeasures that institutions should take to combat ransomware were also suggested, such as two-factor authentication, disabling unused remote access and controlling user accounts with administrative privileges.

For those who have already been affected, the FBI asked to provide some information that could be useful, such as a history of the events that occurred, evidence of data theft, copy of the ransom note, IP addresses , details about RDP and VPN connections, cryptocurrency addresses and requested amounts.