Sophos just released their analysis of the MegaCortex ransomware whose speed and spread of attack are very worrying! Get the key details about MegaCortex and how to prevent an attack!
What Is MegaCortex?
MegaCortex is a new ransomware that was rarely seen until it suddenly spiked in volume in May 2019. Similar to infamous ransomware like Ryuk and BitPaymer, it is now spreading rapidly in these countries:
- US
- Canada
- Argentina
- Italy
- The Netherlands
- France
- Ireland
- Hong Kong
- Indonesia
- Australia
Why Is MegaCortex Dangerous?
Ransomware attacks are usually carried out in 3 ways:
- Manual attacks
- Automated attacks
- Blended attacks
Unlike Ryuk and BitPaymer, MegaCortex is controlled by cybercriminals using more automated tools, and is designed to spread the infection to many victims at a much faster speed.
What Does MegaCortex Demand?
Unlike other ransomware attacks, MegaCortex has no clear ransom demands.
All it does is invite its victims to email the attackers at either of two free email addresses, attaching a file that had been dropped onto the victim’s hard disk drive, to request decryption services.
The ransom note includes “a guarantee that your company will never be inconvenienced by us”. On top of that, if the victim pays the ransom, “You will also receive a consultation on how to improve your companies cyber security”.
How sweet of them.
How To Protect Against MegaCortex
Sophos recommends the following steps to protect your business from MegaCortex and the threat of ransomware attacks in general:
- Be on the highest alert if you see warning signs about Emotet or Qbot, as there is a strong correlation between MegaCortex and both of them.
- Place the company Remote Desktop Protocol (RDP) machine behind a Virtual Private Network (VPN).
- Use two-factor authentication for system logins.
- Regularly back up important and current data to an offline storage device.
- Use anti-ransomware software like Sophos Intercept X Advanced.