The Federal Bureau of Investigation (FBI) and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) have released a critical warning about the sharp rise in Play ransomware attacks. The agencies report that this cyber threat has affected hundreds of organizations across the Americas and Europe, including vital service providers and businesses.
The updated alert comes after the FBI identified over 900 confirmed victims in May alone, which is three times more than previously reported. Cybersecurity experts are urging organizations to act quickly to strengthen their defenses and stay informed about how these cybercriminals operate.
How the Play Ransomware Works
Play ransomware attackers use various advanced methods to break into systems. They often start by targeting services that are accessible from outside, like Remote Desktop Protocol (RDP) and Virtual Private Networks (VPNs). Once they gain access, they move within the network, stealing login details and aiming to control the system entirely.
The FBI notes that the attackers do not immediately demand payment in their ransom notes. Instead, they leave email addresses that victims must contact. These emails usually come from unique addresses linked to German domains. In some cases, the criminals also make threatening phone calls to pressure victims into paying.
Connections to Other
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.