Giving further details of the original advisory published in March, in the information acquired during the FBI investigation, the agencies noted that the ransomware campaign was connected to ransom demands totalling more than $275 million.
“Since September 2022, Royal has targeted over 350 known victims worldwide and ransomware demands have exceeded 275 million USD,” the advisory reads.
“Royal conducts data exfiltration and extortion prior to encryption and then publishes victim data to a leak site if a ransom is not paid. Phishing emails are among the most successful vectors for initial access by Royal threat actors.”
In March, the two agencies shared their initial indicators of an apparent compromise, along with a list of tactics, methods, and procedures (TTPs), in order to assist defenders in identifying and thwarting attempts to deploy Royal ransomware payloads onto their networks.
The Department of Health and Human Services (HHS) security team discovered in December 2022 that the ransomware operation was responsible for several attacks against U.S. healthcare organizations. This led to the release of the joint advisory.
Royal to BlackSuit
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: