New Qilin tactics a ‘bonus multiplier’ for ransomware chaos
The Qilin ransomware gang, known for its high-stakes ransomware attacks, has taken its tactics to a new level by not only stealing data from its victims but also harvesting credentials stored within Google Chrome browsers on their endpoints. This unprecedented technique has raised concerns among cybersecurity experts, as it poses a significant threat to both targeted organizations and individuals.
In a recent incident uncovered by the Sophos X-Ops research team, Qilin targeted a domain controller within a victim’s Active Directory domain, using compromised credentials obtained from a VPN portal lacking multifactor authentication. The cybercriminals then executed a series of scripts to extract credential data stored within Chrome browsers on connected machines, ultimately exfiltrating sensitive information and encrypting the victim’s files.
With Chrome being the dominant browser in the market, the potential impact of such a breach is substantial, as users often store a multitude of passwords within the browser. The X-Ops team emphasized the importance of changing all Active Directory passwords and recommended that users also update their passwords for third-party sites stored in Chrome.
Ransomware gangs are constantly evolving their tactics, and the X-Ops team warned that Qilin’s shift towards credential theft could have broader implications for future cyberattacks. By targeting endpoint-stored credentials, threat actors could gain easier access to additional targets or valuable information for targeted attacks.
What do I do now?
Google’s Password Manager service offers convenience for users but may not provide the highest level of security. It is recommended to use a reputable password manager application that follows industry best practices and has been third-party tested for security.
Implementing multifactor authentication (MFA) can significantly enhance security and prevent unauthorized access to systems. While MFA adoption is increasing among businesses, smaller enterprises should also prioritize this security measure to protect themselves and others from potential cyber threats.
It is crucial for businesses to improve their cybersecurity practices to safeguard against evolving cyber threats and protect sensitive information from malicious actors. Stay vigilant and proactive in addressing security vulnerabilities to prevent becoming a victim of cybercrime.
Computer Weekly reached out to Google for comment but had not received a response at the time of publication.