The advisory from the FBI, CISA, and MS-ISAC warns about Ghost ransomware, originating from China and affecting organizations across 70 countries since 2021. Targeting sectors such as healthcare, schools, and government, the group's financial motives drive exploitation of vulnerabilities in outdated internet-facing services. Using publicly available code, they deploy ransomware like Cring.exe and Locker.exe, encrypting files and demanding payment in cryptocurrency from their victims. The advisory highlights the urgent need for vigilance and updated cybersecurity measures to mitigate this growing threat.
Ghost ransomware, active since early 2021 and originating from China, poses a significant threat globally, targeting critical infrastructure and demanding ransom in cryptocurrency.
The group exploits known vulnerabilities in internet-facing services, notably targeting outdated software and firmware to deploy ransomware payloads and infiltrate organizations.
Collection
[
|
...
]