Ransomware Newcomers from WithSecure September 2023

WithSecure shared these Ransomware newcomers from their September 2023 report:

3AM
A new ransomware variant and group called 3AM has struck
victims and posted victim data on its dark web leak site since
the 17th of September. Interestingly, in one known instance
an attacker deployed 3AM after failing to deploy LockBit
suggesting the attacker was an affiliate in both groups.

Retch
Little is known about newcomer Retch but its ransom note
demands a relatively low amount of €300, suggesting it is
targeting small businesses or consumers, rather than bigger
organizations.

S.H.O
Another new variant that appears to be targeting small
businesses and consumers is S.H.O. Similarly, to Retch, this
group is demanding a small ransom of $200.

Lost Trust
LostTrust has posted 52 victims to its dark web leak site, a huge
number that was all dumped on the same date, suggesting a
longer campaign. This aligns with reports that LostTrust is a
simple rebrand of MetaEncryptor, with the groups utilizing the
same website templates and encryption locker.

CiphBit
Intelligence on CiphBit is scant, but the group dumped data
relating to eight different victims on its dark web leak site
in September. These victims come from different nations
(Canada, Belgium, France, Germany, Moldova, Poland, and
the UK) and different sectors, suggesting the group is purely
opportunistic, rather than motivated by a specific target
characteristic or ideology

WithSecure is an active player in controlling the threat in today’s cybersecurity landscape adding newly found threats in their AI powered cloud based endpoint protection. If it can be detected, it can be prevented.

ARA Industries is registered partner of WithSecure aiming to secure Small and Medium enterprises in the Philippines 1 device at a time. Start securing your digital assets today using WithSecure Elements.