Get Permission
The Cybersecurity and Infrastructure Security Agency has issued an alert providing more details on the threat posed by FiveHands ransomware attacks.
The CISA alert, which follows one issued last week by FireEye s Mandiant research team, describes the ransomware gang s methods and offers risk mitigation tips. Threat actors used publicly available penetration testing and exploitation tools, FiveHands ransomware and the SombRAT remote access Trojan, to steal information, obfuscate files and demand a ransom from the victim organization, CISA says. Additionally, the threat actors used publicly available tools for network discovery and credential access.
Series of Attacks
FireEye said it observed an attack group using FiveHands in extortion incidents during January and February. The group has mainly targeted small and midsized businesses in telecommunications, healthcare, construction, engineering, food and beverage, education, real estate and other sectors, the