On July 28, the Federal Bureau of Investigation (FBI) issued a warning about a growing number of Netwalker ransomware attacks targeting American and foreign health organizations, private companies and governments.

In June, the University of California, San Francisco (UCSF) paid cybercriminals $1.4 million after they infected the university’s medical school computer systems with the Netwalker ransomware.

If the ransom is not paid, Netwalker’s operators publish the stolen data online. After getting into the victim’s network, Netwalker encrypts all connected Windows-based devices and data, locking users out of important files, databases and applications, according to the FBI’s warning.

Once executed, the ransomware deploys an embedded configuration that includes a ransom note, ransom note file names and numerous other configuration options.

In March, hackers using Netwalker started sending COVID-19 phishing emails, spreading the ransomware through a Visual Basic Scripting (VBS) script attached to the email that executes the payload once opened.

In April, Netwalker's operators began gaining unauthorized access to victim networks by exploiting unpatched virtual private network (VPN) appliances and weak passwords used for remote desktop connections.

The FBI recommends that no ransom be paid to cybercriminals and urges organizations that suffer attacks to report them to their local field offices.

To help reduce the impact of a cyberattack, the bureau recommends backing up critical data offline, ensuring copies of data are kept in the cloud or on an external hard drive, and regularly updating anti-virus or anti-malware software on all hosts.
