Our own Scott Schober commented on this and said great content to this article titled New Ransom Payment Schemes Target Executives, Telemedicine which came from Krebs on Security.
As we know, threat actors are planning on stopping, especially since the holidays are around and they know they can take advantage of your hard earned money.
There is a new actor out there that is giving the Venus ransomware. The thing is, they don’t find it difficult to get in to wherever they want to target, and so far, research indicates that they’re going after healthcare for now.
I’d suggest this one a read, and it was me that posted this article twice to TSB’s list. That was not my intent, but it happens.
I hope that people take the time to read this one, because if the Venus group wanted to, they could target you and I just as skillfully.
“We imitate correspondence of the [CEO] with a certain insider who shares financial reports of his companies through which your victim allegedly trades in the stock market, which naturally is a criminal offense and — according to US federal laws [includes the possibility of up to] 20 years in prison,” one Venus member wrote to an underling.
They continue:
“You need to create this file and inject into the machine(s) like this so that metadata would say that they were created on his computer,” they continued. “One of my clients did it, I don’t know how. In addition to pst, you need to decompose several files into different places, so that metadata says the files are native from a certain date and time rather than created yesterday on an unknown machine.”
Since they’re imitating the CEO, if they ended up targeting me for example, they could inject a file which they’d probably get me to read. And, if i remember right, they could inject it in to an email somehow that didn’t exist.
I do know that it is sophistocated and people should read it. You never know what these people will do.
Discover more from Jared's Technology podcast network
Subscribe to get the latest posts sent to your email.