Prometheus Ransomware Targets US, UK, and 12 More Countries—It Can Kill Backup Files and MORE!

The new Prometheus ransomware is the latest malicious online attack that targets the United States, the United Kingdom, and several other countries. Security experts involved in the investigation confirmed that there are a total of 12 countries currently affected.

New Ransomware Is Currently Attacking US and Other Countries: How Serious Is Prometheus Attack?
A hacker using a laptop computer at the Hacked By Def Con Press Preview during the 2016 Tribeca Film Festival at Spring Studios on April 15, 2016 in New York City. Photo by Rob Kim/Getty Images for Tribeca Film Festival

Because of this, Palo Alto Networks, one of the biggest security firms, published its findings on Wednesday, June 9.

"Unit 42 has spent the past four months following the activities of Prometheus, a new player in the ransomware world that uses similar malware and tactics to ransomware veteran Thanos," said Palo Alto Networks.

"Prometheus leverages double-extortion tactics and hosts a leak site, where it names new victims and posts stolen data available for purchase," added the security company.

Prometheus Ransomware

According to Cyber Scoop's latest report, the new Prometheus ransomware can attack various organizations, including some government agencies. Security researchers from Palo Alto Networks claimed that this malicious attack can lead to serious national security threats.

New Ransomware Is Currently Attacking US and Other Countries: How Serious Is Prometheus Attack?
A particpant checks a circuit board next to an oscilloscope on the first day of the 28th Chaos Communication Congress (28C3) - Behind Enemy Lines computer hacker conference on December 27, 2011 in Berlin, Germany. The Chaos Computer Club is Europe's biggest network of computer hackers and its annual congress draws up to 3,000 participants. Photo by Adam Berry/Getty Images

On the other hand, they confirmed that the new ransomware already breached around 30 companies and organizations in the United States, U.K., and other countries.

Specifically, the hackers behind Prometheus focus on breaching systems used in manufacturing, consulting, logistics, insurance, agriculture, and legal industries.

Meanwhile, some critics and other security experts claimed that these hackers are connected with REvil, another hacking group believed to be based in Russia. If this is true, then new Prometheus ransomware could make a serious breach since REvil already infiltrated the global meat supplier JBS.

REvil and Prometheus are just one of the rising hacking groups right now. Other cybercriminals include those targeting Bose, Conti, and other giant companies and organizations.

How Does It Attack A System?

Palo Alto Networks' official website explained that once the new Prometheus ransomware infiltrates a system, it will start killing several backup files and other security software-related processes. These include the so-called Raccine, which is a tool that can prevent a ransomware attack.

On the other hand, this new malicious content also appends an extension using the following format.[XXX-XXX-XXXX]. Because of this, the security firm concluded that the hackers behind the new ransomware can generate a unique payload per victim.

For more news updates about Prometheus ransomware and other new security threats, always keep your tabs open here at TechTimes.

This article is owned by TechTimes

Written by: Griffin Davis

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics