Ransomware Gang Exploits SonicWall Zero-day Bug To Deploy FiveHands Malware

The ransomware gang tracked as UNC2447 actively exploited a zero-day bug in Sonicwall SMA 100 Series VPN appliances to breach networks of North American and European targets using FiveHands ransomware.

The gang has also used Cobalt Strike implants to install SombRAT backdoor, which was first discovered in CostaRicto campaign.

The FiveHands ransomware used by the group is very similar to HelloKitty and DeathRansom ransomware.



Read More

Got Something To Say?

Your email address will not be published. Required fields are marked *