30 April 2021, 01:04 am
A strand of new ransomware is discovered to be deployed to attack SonicWall SMA 100 Series VPN appliances. The experts called it FiveHands which has a wide range of targets across Europe and North America.
According to the Mandiant security analysts, the group behind the attack is the UNC2447, which is an expert in starting data and network breaches in the system.
They also said that it is the group responsible for the deployment of FiveHands ransomware. It happened before the launch of the patches later in February.
Group s Operation Targets SonicWall
(Photo : Markus Spiske from Pexels)
UNC2447 is not new to certain exploitations of systems. Before they spread ransomware payloads, the group was spotted to be on the lookout for more deployments upon having full control of Cobalt Strike implants.