The new Prometheus ransomware is the latest malicious online attack that targets the United States, the United Kingdom, and several other countries. Security experts involved in the investigation confirmed that there are a total of 12 countries currently affected.
Because of this, Palo Alto Networks, one of the biggest security firms, published its findings on Wednesday, June 9.
"Unit 42 has spent the past four months following the activities of Prometheus, a new player in the ransomware world that uses similar malware and tactics to ransomware veteran Thanos," said Palo Alto Networks.
"Prometheus leverages double-extortion tactics and hosts a leak site, where it names new victims and posts stolen data available for purchase," added the security company.
Prometheus Ransomware
According to Cyber Scoop's latest report, the new Prometheus ransomware can attack various organizations, including some government agencies. Security researchers from Palo Alto Networks claimed that this malicious attack can lead to serious national security threats.
On the other hand, they confirmed that the new ransomware already breached around 30 companies and organizations in the United States, U.K., and other countries.
Specifically, the hackers behind Prometheus focus on breaching systems used in manufacturing, consulting, logistics, insurance, agriculture, and legal industries.
Meanwhile, some critics and other security experts claimed that these hackers are connected with REvil, another hacking group believed to be based in Russia. If this is true, then new Prometheus ransomware could make a serious breach since REvil already infiltrated the global meat supplier JBS.
REvil and Prometheus are just one of the rising hacking groups right now. Other cybercriminals include those targeting Bose, Conti, and other giant companies and organizations.
How Does It Attack A System?
Palo Alto Networks' official website explained that once the new Prometheus ransomware infiltrates a system, it will start killing several backup files and other security software-related processes. These include the so-called Raccine, which is a tool that can prevent a ransomware attack.
On the other hand, this new malicious content also appends an extension using the following format.[XXX-XXX-XXXX]. Because of this, the security firm concluded that the hackers behind the new ransomware can generate a unique payload per victim.
For more news updates about Prometheus ransomware and other new security threats, always keep your tabs open here at TechTimes.
Related Article : New Hack Targeting iConstituent Also Affects 60 Members Of US Congress
This article is owned by TechTimes
Written by: Griffin Davis