It has been reported in an announcement by the cybersecurity firm that the Evil Group, the malware gang behind the attacks, targeted the IT infrastructures of the firms. Still, the companies were alerted in time to prevent deployment of the ransomware.
However, the group used the ransomware WastedLocker and managed to breach the security of the victims’ networks, and unsuccessfully attempted to lay the ground for staging the attacks.
A study has been reportedly made by the cybersecurity firm Fox-IT, a division of NCC Group, which warned about the return of Evil Group’s cybercriminal activities, after a short period of going quiet.
Likewise, the gang is well known for asking its victims to pay million-dollar ransom payments in cryptocurrencies like Bitcoin, as there are reports that the group had been asking for a combined total of $10 from an unknown number of US companies that were recently attacked.
It has been analyzed that Symantec’s Targeted Attack Cloud Analytics team first detected the early stages of WastedLocker attacks by relying on advanced machine learning to spot patterns of activity related to recent targeted attacks.
Similarly, Evil Group targeted 31 companies in the blocked attack, one of the firms is a US-based subsidiary of an overseas multinational.
As per the report, Symantec did not identify the intended victims but the cybersecurity firm’s report said the manufacturing sector was most affected, as the gang targeted five organizations related to that industry.
Thus, Symantec said:
“Successful attacks could have led to millions in damages, downtime, and a possible domino effect on supply chains.”