GhostLocker 2.0 Haunts Businesses Across Middle East, Africa & Asia

Cybercriminals have developed an enhanced version of the infamous GhostLocker ransomware that they are deploying in attacks across the Middle East, Africa, and Asia.

Two ransomware groups, GhostSec and Stormous, have joined forces in the attack campaigns with double-extortion ransomware attacks using the new GhostLocker 2.0 to infect organizations in Lebanon, Israel, South Africa, Turkey, Egypt, India, Vietnam, and Thailand, as well as other locations.

Technology companies, universities, manufacturing, transportation, and government organizations are bearing the brunt of attacks, which attempt to scam victims into paying for decryption keys needed to unscramble data that was rendered inaccessible by the file-encrypting malware. The attackers also threaten to release the stolen sensitive data unless the victims pay them hush money, according to researchers at Cisco Talos, who discovered the new malware and cyberattack campaign.

GhostLocker 2.0 encrypts files on the victim’s machine using the file extension .ghost before dropping and opening a ransom note. Prospective marks warn that stolen data will be leaked unless they contact ransomware operators before a seven-day deadline expires.

GhostLocker 2.0 Haunts Businesses Across Middle East, Africa & Asia

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address

GhostLocker 2.0 Haunts Businesses Across Middle East, Africa & Asia

05-Mar-24

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address