Surge of MegaCortex Ransomware attacks detected

A new strain named MegaCortex.

A cyber-security firm in the UK has reported detecting a spike in ransomware attacks at the end of last week from a new strain named MegaCortex. The firm said the MegaCortex ransomware appears to have been designed to target large enterprise networks as part of carefully planned targeted intrusions – a tactic that is known as “big-game hunting.” The modus operandi is not new and has been the preferred method of delivering ransomware for almost half a year.

MegaCortex now joins an ever-growing list of ransomware strains that cyber-criminal groups are using only in targeted attacks, rather than with spam or other mass deployment techniques. The list includes some recognizable names, such as Ryuk, Bitpaymer, Dharma, SamSam, LockerGoga, and Matrix.

SUDDEN RISE OF ATTACKS THIS MONTH.

According to a report released late Friday night 3rd May 2019, MegaCortex was first spotted back in late January, when someone uploaded a sample on malware scanning service VirusTotal.

Since then, the number of attacks has been growing, but they spiked mid last week when the firm says it detected 47 attacks – accounting for two-thirds of all the 76 MegaCortex attacks the company has seen all year.

The firm says it blocked the attacks it detected, which originated from enterprise networks located in the United States, Canada, the Netherlands, Ireland, Italy, and France. However, other megacortex attacks might have occurred in other places where the UK antivirus vendor had no coverage.