Security researchers have identified a new strain of ransomware that is overwriting files larger than 2MB rather than encrypting them. In typical ransomware fashion, Onyx threat actors steal data from a compromised network before encrypting files and employ the all-too-common double-extortion tactic. However, the destructive action of deleting files larger than 2MB essentially prevents these files from being recovered. This behavior, whether intentional or accidental, further supports that there are no guarantees on data recovery when ransoms are paid. Indeed, in 2021, only 8 percent of the organizations who paid a ransom got their data back. Read more at Malwarebytes.
H2Oex: In Person 1 day event/exercise. Thurs Dec 5th. Washington DC. Join us!