Last Updated on 09/12/2021 by Nidhi Khandelwal
The FBI has issued a new warning regarding the Cuba ransomware, stating that the gang has targeted “49 companies in five vital infrastructure sectors” and demanded at least $43.9 million in ransom.
The FBI claimed the gang is targeting enterprises in the financial, government, healthcare, manufacturing, and information technology sectors, and is employing the Hancitor virus to gain access to Windows systems, according to an alert sent out on Friday.
The notification said that “Cuba ransomware is delivered by Hancitor malware, a loader renowned for delivering or executing stealers, such as Remote Access Trojans (RATs) and other varieties of ransomware, onto victims’ networks,” noting that the encrypted files have the “.cuba” extension.
According to a fresh FBI warning on the Cuba ransomware, the gang has targeted “49 companies in five important infrastructure sectors” and demanded at least $43.9 million in ransom.
According to an FBI notice issued on Friday, the gang is targeting businesses in the financial, government, healthcare, manufacturing, and information technology sectors, and is using the Hancitor malware to get access to Windows computers.
“Cuba ransomware is delivered by Hancitor malware, a loader renowned for delivering or executing stealers, such as Remote Access Trojans (RATs) and other varieties of ransomware, onto victims’ networks,” according to the notification, which also noted that the encrypted files had the “.cuba” extension.
The gang has been operating a leak site since January, becoming one of many ransomware outfits that threaten to reveal stolen data if victims do not pay the ransom.
The McAfee Advanced Threat Research Team produced a lengthy study on the group in April, citing many of the same findings as the FBI. Researchers from McAfee also discovered that, despite the fact that the group has been around for a long time, it only recently begun using its leak site to extort people.
Typically, the group targets businesses in the United States, South America, and Europe. According to McAfee, the gang has sold stolen data in the past.