New “Karakurt” Threat Group is Gaining Attention Through Multiple and Frequent Extortion Attacks



New Karakurt Threat GroupA new warning from Accenture Security highlights this new cybercriminal group making waves that focuses on a "data breach and extortion” MO rather than relying on ransomware.

Very seldom do I see notices about a specific threat group unless one of two things are true – either they have successfully attacked a high-profile victim organization, or there are jumping onto the scene with lots of detected attacks.

In the case of Karakurt, it may be a bit of both.

According to a new notice put out by Accenture Security, Karakurt has been a focus of theirs since only September 2021. With a supposed 40 victim organizations in only 90 days, this cybercriminal group appears to be a formidable adversary. And given Accenture’s customers are typically larger Enterprises with $1B+ in revenues, it’s likely that Karakut has successfully attacked a well-known organization that has somehow stayed out of the headlines.

The group maintain a site promoting the “Karakurt hacking team” and provides press releases on attacks and leaked files.

Karakurt-group-main-page-724-701

Source: Accenture Security

According to Accenture, 95% of Karakurt’s victim organizations are in North America with the most attacked industries (based on the limited attack data to-date) being professional services, technology, healthcare, and retail.

Accenture feels we’ve only just seen the beginning of Karakurt, stating “Accenture Security assess with high confidence that the group's operations have just begun, and that Karakurt activity will likely continue to proliferate into the foreseeable future, impacting additional victims.”


Request A Demo: Security Awareness Training

products-KB4SAT6-2-1New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn't a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defense. Request your one-on-one demo of KnowBe4's security awareness training and simulated phishing platform and see how easy it can be!

Save My Spot!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

https://info.knowbe4.com/kmsat-request-a-demo

Subscribe To Our Blog


Anti-Phishing Guide ebook




Get the latest about social engineering

Subscribe to CyberheistNews