Breaking News

Egregor is a ransomware from the Sekhmet malware family that has been active since the middle of September 2020.

One of the most active ransomware groups, Egregor is part of the Sekhmet malware family that has been active since mid-September 2020. Like most other Ransomware groups, it targets organizations across the world. The ransomware operates by hacking into organizations, stealing sensitive user documents, encrypting data, and finally demanding ransom in exchange of decrypted documents.

Allegedly, 52 companies have been breached by the threat actor till today (as of October 30, 2020), from GEFCO group being among the first ones to the more recently affected organizations such as Crytek, Ubisoft, Foxtons Group, and Barnes & Noble.

U.S. government cybersecurity experts warned that “sophisticated threat actors” have been using new Russian malware variants, ComRAT and Zebrocy, in recent cyberattacks.

According to new malware analysis reports, Russian advanced persistent threat (APT) actors from Turla have developed new malware variant ComRAT.

In addition, Russian-linked APT28 hacking group has been behind attacks using Zebrocy malware.

Phishing attacks against universities worldwide attributed to the Silent Librarian APT group.
New phishing document targeting staff at the University of British Columbia (UBC) with a fake COVID-19 survey.

However, this attack and motives are different than the ones previously documented.
The survey is a malicious Word document whose purpose is to download ransomware and extort victims to recover their encrypted files.