Cyber Threat Weather
BLOG CERT SOGETI ESEC
CERT CYBER THREAT WEATHER

Cyber Threat Weather - May 2021

Rather cloudy on the ransomware / doxware scene this month, focus on the evolution and activities of Carbon Spider (Darkside).

Summary report

Weak signals for Strategic CTI

  • A unique capability of Darkside is to mount additional partitions to further encrypt them
  • Another peculiar function is to enumerate and attempt encrypting network shares with low permission levels

Anticipation : Such worming/reconnaissance and additional partition encryption capabilities could encounter a great success by the top-tier doxware/ransomware operators in a near future.

 

Highlights

Ransomware-as-a-service landscape evolution, along with a more in depth Darkside's history.

 

Download the report

Print Email