UNC2447 SOMBRAT and FIVEHANDS Ransomware: A Sophisticated Financial Threat

Read the original article: UNC2447 SOMBRAT and FIVEHANDS Ransomware: A Sophisticated Financial Threat


Mandiant has observed an aggressive financially motivated group,
UNC2447, exploiting one SonicWall VPN zero-day vulnerability prior to
a patch being available and deploying sophisticated malware previously
reported by other vendors as SOMBRAT. Mandiant has linked the use of
SOMBRAT to the deployment of ransomware, which has not been previously
reported publicly.

UNC2447 monetizes intrusions by extorting their victims first with
FIVEHANDS ransomware followed by aggressiv

[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.


Read the original article: UNC2447 SOMBRAT and FIVEHANDS Ransomware: A Sophisticated Financial Threat