SecurityWeek reports that industrial companies are being increasingly targeted by the BlackCat ransomware-as-a-service group, also known as ALPHV or Noberus, which has targeted various organizations around the world since its emergence last November.
Kaspersky researchers discovered that BlackCat had attacked a South American oil, gas, mining, and construction firm with a version of the data exfiltration tool Fendr, also known as ExMatter, which included more file types usually found in industrial environments.
"These additional file extensions are used in industrial design applications, like CAD drawings and some databases, as well as RDP configuration settings, making the tool more customized towards the industrial environments that we see being targeted by this group," said Kaspersky, which also offered more information regarding the association of BlackCat with the BlackMatter hacking operation.
The findings come after Claroty had reported about the rising prevalence of significant ransomware attacks against industrial control systems and other operational technology environments.
Ransomware, Threat Management, Critical Infrastructure Security, Governance, Risk and Compliance
BlackCat ransomware attacks mainly aimed at industrial firms
Share
An In-Depth Guide to Ransomware
Get essential knowledge and practical strategies to protect your organization from ransomware attacks.
Related Events
Related Terms
Black HatBotnetBusiness Impact Analysis (BIA)Data MiningDeauthentication AttackDeepfakeDenial of ServiceDrive-by DownloadDue CareDumpSecGet daily email updates
SC Media's daily must-read of the most current and pressing daily news