Microsoft warns of new ransomware campaign by Twisted Spider group

Uses malvertising to spread Danbot Trojan, then Cactus ransomware

John Leonard
clock • 2 min read
Microsoft warns of new ransomware campaign by the Twisted Spider group
Image:

Microsoft warns of new ransomware campaign by the Twisted Spider group

According to a series of posts on X by Microsoft Threat Intelligence, Russia-based ransomware actor Storm-0216 (aka Twisted Spider, UNC2198) is using Danabot, an advanced banking Trojan, to deploy Cactus ransomware.

First identified earlier this year, Cactus uses tools and custom scripts to disable security software to ease the distribution of the ransomware binary. In the current campaign, Microsoft Threa...

To continue reading this article...

Join Computing

  • Unlimited access to real-time news, analysis and opinion from the technology industry
  • Receive important and breaking news in our daily newsletter
  • Be the first to hear about our events and awards programmes
  • Join live member only interviews with IT leaders at the ‘IT Lounge’; your chance to ask your burning tech questions and have them answered
  • Access to the Computing Delta hub providing market intelligence and research
  • Receive our members-only newsletter with exclusive opinion pieces from senior IT Leaders

Join now

 

Already a Computing member?

Login

You may also like
Microsoft overhauls Recall, makes it opt-in

Threats and Risks

The move comes after security concerns from experts

clock 10 June 2024 • 3 min read
IT Essentials: AI sharks are circling

Artificial Intelligence

Welcome to the feeding frenzy

clock 10 June 2024 • 4 min read

Sign up to our newsletter

The best news, stories, features and photos from the day in one perfectly formed email.

More on Threats and Risks

Threat group 'systematically compromising Snowflake customer instances'

Threat group 'systematically compromising Snowflake customer instances'

165 organisations notified to date

Kyle Alspach
clock 11 June 2024 • 2 min read
Microsoft warns of potential Azure Service Tags misuse by hackers

Microsoft warns of potential Azure Service Tags misuse by hackers

Ten specific Azure services are currently identified as susceptible

clock 11 June 2024 • 2 min read
Microsoft overhauls Recall, makes it opt-in

Microsoft overhauls Recall, makes it opt-in

The move comes after security concerns from experts

clock 10 June 2024 • 3 min read