This article has been indexed from E Hacking News – Latest Hacker News and IT Security News
Researchers at Abnormal Security have identified a Nigerian threat actor attempting to recruit employees by offering them to pay $1 million in Bitcoin to deploy Black Kingdom ransomware on companies’ computers or Windows servers as part of an insider threat scheme.
“The sender tells the employee that if they’re able to deploy ransomware on a company computer or Windows server, then they would be paid $1 million in Bitcoin or 40% of the presumed $2.5 million ransom. The employee is told they can launch the ransomware physically or remotely. The sender provided two methods to contact them if the employee is interested—an Outlook email account and a Telegram username,” researchers explained in a report published on Thursday.
Earlier in March, Black Kingdom, also widely known as DemonWare, caught the attention of the researchers when attackers were found abusing ProxyLogon vulnerabilities affecting Microsoft Exchange Servers to infect an unpatched system with the ransomware strains.
Security researchers identified and blocked phishing emails on August 12 that solicited recipients to infect their employers’ networks with ransomware. Nigerian Threat Actor Offers $1 million to Insiders for Planting Ransomware