Nefilim Ransomware Gang Tied to Citrix Gateway Hacks
Mathew Schwartz reports:
A crime gang seeking “ransomware attack opportunities” is targeting organizations that use unpatched or poorly secured Citrix remote-access technology, then stealing data, unleashing crypto-locking malware and using the threat of exfiltrated data being publicly dumped to try to force payment, New Zealand’s national computer emergency response team warns.
In an alert issued last week, and subsequently amplified by the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, CERT NZ says that a “sophisticated and well-crafted” attack campaign has been hitting unprepared organizations with Nefilim – aka Nephilim – ransomware.
Read more on GovInfoSecurity.