Intelligent CISO Issue 43 - Page 45

As the result of the action day, over US$52,000 in cash was seized, alongside five luxury vehicles.
currently being forensically examined to secure evidence and identify new investigative leads.
The ticking time bomb of undetected malware
The targeted suspects all had different roles in these professional, highly organised criminal organisations.
Some of these criminals were dealing with the penetration effort, using multiple mechanisms to compromise IT networks, including brute force attacks, SQL injections, stolen credentials and phishing emails with malicious attachments.

Once on the network, some of these cyber actors would focus on moving laterally, deploying malware such as Trickbot, or post-exploitation frameworks such as Cobalt Strike or PowerShell Empire, to stay undetected and gain further access.
The criminals would then lie undetected in the compromised systems, sometimes for months, probing for more weaknesses in the IT networks before moving on to monetising the infection by deploying ransomware.
These cyber actors are known to have deployed LockerGoga, MegaCortex and Dharma ransomware, among others.
The effects of the ransomware attacks were devastating as the criminals had had the time to explore the IT networks undetected. A ransom note was then presented to the victim, which demanded the victim pay the attackers in Bitcoin in exchange for decryption keys.
A number of the individuals interrogated are suspected of being in charge of laundering the ransom payments: they would funnel the Bitcoin ransom payments through mixing services, before cashing out the ill-gotten gains.