Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
Egregor ransomware bombards victims' printers with ransom notes
#1
https://www.bleepingcomputer.com/news/se...som-notes/        Egregor ransomware bombards victims' printers with ransom notes
By Lawrence Abrams
November 18, 2020 05:25 PM          The Egregor ransomware uses a novel approach to get a victim's attention after an attack - shoot ransom notes from all available printers.

Ransomware gangs know that many businesses would rather hide a ransomware attack than make it public, including to employees, for fear of the news affecting stock prices and their reputation.

To increase public awareness of the attack and pressure a victim into paying, the Egregor operation is known to repeatedly print ransom notes from all available network and local printers after an attack.

While BleepingComputer has been aware of this tactic, it wasn't until last weekend after Egregor's attack on retail giant Cencosud that we saw it in action.

El #ransomware que le pegó a Cencosud es #Egregor. La ransom note empezó a salir en las impresoras de varios locales de Argentina y Chile pic.twitter.com/k1Ps4IDUyq

— Irlenys (@Irlenys) November 15, 2020
As you can see from a closeup of the printout, this is the same ransom note created on computers being printed to a receipt printer.      BleepingComputer can confirm that it is not the ransomware executable performing the printing of ransom notes.

Instead, it is believed that the ransomware attackers utilize a script at the end of an attack to print out ransom notes to all available printers.

This script has not been found as of yet.
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Maastricht University gets partial ransom back after ransomware attack in 2019 mrtrout 0 748 07-03-2022 , 09:56 PM
Last Post: mrtrout
  RansomEXX ransomware Linux encryptor may damage victims' files mrtrout 0 796 09-30-2021 , 09:52 PM
Last Post: mrtrout
  SynAck ransomware gang releases decryption keys for old victims mrtrout 0 794 08-13-2021 , 07:10 AM
Last Post: mrtrout
  Australian Organizations Spent $55 Million in Ransom Payments mrtrout 0 854 07-17-2021 , 06:55 AM
Last Post: mrtrout
  Refunds Offered to Victims of Ziggy Ransomware Gang Bjyda 0 987 03-31-2021 , 07:55 PM
Last Post: Bjyda



Users browsing this thread: 1 Guest(s)