Another reason has recently surfaced why organizations shouldn’t try to respond to ransomware attacks themselves. The attackers are now shamelessly using “fake news”, creating postings that falsely claim that, upon payment of a ransom, decryption is simple and successful.
The Rapid ransomware variant has been around since March 2018, originally linked to fake IRS phishing emails. Rapid has had at least 2 major revisions and there’s currently a significant uptick in Rapid attacks using the .RPD, .rapid, and .no_more_ransom file extensions. One of Kivu’s key roles is to advise its clients before a ransom is paid regarding likely corruption and delays in decryption – key information to reduce and re-mediate business interruption
Read full Threat Intelligence Report here.
If you would like to receive our Threat Intelligence Report direct to your inbox, please subscribe.