There was an advisory published late on Monday about the Play ransomware gang that was put out by the Federal Bureau of Investigation (FBI) together with the US Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre.
The Play gang is thought to have debuted last year and has launched multiple attacks on targets since then.
It was first spotted being deployed against South American government agencies around the middle of last year but pivoted months later to target entities in the US and Europe.
The FBI and other cyber security agencies are warning about the rise of the Play ransomware double-extortion group which has now attacked hundreds of organizations.
Since June 2022, Play ransomware – also known as Playcrypt – has hit a wide range of businesses and critical infrastructure organizations in North America, South America, and Europe, the cyber security advisory said.
Unlike typical ransomware operations, the Play ransomware affiliates use email communication for negotiations, rather than providing Tor negotiations page links in ransom notes left on compromised systems.
However, the gang still employs strategies commonly associated with ransomware, such as stealing sensitive documents from compromised systems to pressure victims into paying ransom demands under the threat of leaking the stolen data online.
The Federal Bu
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: