These Moonlighting Hackers Are Using Ransomware Against Random Targets
Microsoft Threat Intelligence Center (MSTIC) is tracking the group as an emerging threat under the tag DEV-0530 and says the ‘H0lyGh0st’ payload has affected small businesses in multiple countries over the past year. It’s another double-extortion racket, so there’s a threat to files being both locked up and leaked, but the group’s motivations remain ambiguous. The group’s standard methodology is to encrypt all files on the target device and use the file extension ....