MegaCortex Ransomware goes Fully Automated, Putting Enterprises at Risk of Ransoms in the Millions



megacortexA new version of MegaCortex has been spotted, upgrading it from a manual, targeted form of ransomware, to one that can be spread and do damage enterprise-wide.

What was once a ransomware variant that was only used post-exploitation as part of a targeted, manual attack requiring a password be entered by the cybercriminal, has now been re-released into the wild as a vastly improved version 2.0.

Completely automated, the latest version of MegaCortex has proven to be ready for wide-scale attacks, according to new research from Accenture’s iDefense team. It’s need for manual password entry has been removed, and it’s been beefed up with an ability to kill a number of security products, and now loads and runs its’ main payload directly from memory.

According to the research, ransoms demanded to date have ranged from approximately $20,000 to as much as $5.8 million, making this a tangible threat to small businesses and large enterprises alike.

Noted by the researcher, it’s potentially expected to see “an increase in the number of MegaCortex incidents if the actors decide to start delivering it through e-mail campaigns.”

Organizations wanting to avoid this new version need to double efforts to protect email and user interactions with email. Email security solutions can assist in detecting malware-laden attachments and potentially malicious office documents. Security Awareness Training is best suited to advise the user on the need for being security-minded, and to educate them on how to identify suspicious email and web content that may be malicious in intent.

MegaCortex sounds like it’s got some major upgrades and has an ability to do some real damage. Shoring up your security efforts is a prudent step to avoid this new version of ransomware.


Free Ransomware Simulator Tool

Threat actors are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?

KnowBe4’s "RanSim" gives you a quick look at the effectiveness of your existing network protection. RanSim will simulate 24 ransomware infection scenarios and 1 cryptomining infection scenario and show you if a workstation is vulnerable.

RansIm-Monitor3Here's how it works:

  • 100% harmless simulation of real ransomware and cryptomining infections
  • Does not use any of your own files
  • Tests 25 types of infection scenarios
  • Just download the install and run it 
  • Results in a few minutes!

Get RanSim!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

https://www.knowbe4.com/ransomware-simulator



Subscribe to Our Blog


Comprehensive Anti-Phishing Guide




Get the latest about social engineering

Subscribe to CyberheistNews