COVID-19 Alert – Ransomware Attacks up by 800% - Our CEO speaks with CBS
monster-cloud-logo-transparent
  • Cyber Security Services
    • Prevention Services
      • Penetration Testing
    • Mitigation Services
    • Recovery Services
      • Ransomware File Recovery
      • Ransomware Removal
  • Ransomware Removal
    • LAW ENFORCEMENT RECOVERY
    • .LOCK2BITS
    • .CONTI
    • .LOCKBIT
    • CRYPT
    • LOCKED
    • .BBZZ
    • .BBYY
    • .BNRS
    • OTHER TYPE OF RANSOMWARE?
  • Testimonials
  • Company
    • Career Opportunities
    • Q&A
    • News and Blog
    • University
    • Customer Support
    • Contact Us
  • REMOTE ASSIST
  • (844) 222-1221
REMOTE ASSISTLOGINSUPPORT
SUPPORT

Sigrun Ransomware: A Jingoistic Offering by Russian Operators

July 11, 2018Martin

Aside from committing for monetary gains or to build a clout, cybercrimes has now also become a part of the cold war between nation-states. In last two years, the issue of Russian hackers manipulating the results of US presidential elections has been a regular item of headlines.

Besides, every so often we come to know about a malicious cyber activity allegedly instigated by state actors. For instance, last year, WannaCry ransomware attack jolted the users all around the year. The attacks affected hundreds and thousands of users in more than 140 countries. The US authorities blamed North Korea to harbor this damaging cyber attack resulting in ransomware removal and recovery activities of millions of dollars.

What we are trying to establish here is that there are some ransomware activities where nationalism also enter into the equation. For instance, in the first week of June, cybersecurity researchers came to know about a ransomware strain that goes with the name Sigrun. The operators of this cryptovirological strain only demands ransomware removal extortion money from non-Russian users.

Sigrun Operators Avoid to Target Russian Users

The researchers have found out that the operators of Sigrun deliberately avoid targeting Russian users. They have added a feature in the script of the ransomware to detect keyboard layout of the targeted computer. If it detects Russian layout, then the strain doesn’t initiate its encryption process and deletes itself.

However, not all Russian users are using that layout. So, there are chances that a Russian can be affected by the cryptovirological activity of Sigrun. For all those ‘wrongly targeted’ users, the operators come off as accommodating individuals and offer them free ransomware removal. It is worth noting that the same operators are asking for $2,500 in cryptocurrency from non-Russian victims.

The encryption process of Sigrun ransomware is quite similar to most of the cryptovirological strains. It appends every encrypted file with the extension ‘.Sigrun’ and leave an HTML and text files as ransom notes on the desktop. Barring few extensions, nearly every file is vulnerable to the activity of Sigrun. This means extensive ransomware removal activities will be required to disinfect the affected device.

 

 

Previous post How Ransomware Targets Employees Next post How is Ransomware Faring in Hawaii?

Related Articles

MonsterCloud Helps Solve an Issue that Can Bring a Company to it’s Knees

May 16, 2017wpengine
monstercloud helps

NY TIMES: Quotation of the Day: In Computer Attacks, Clues Point to Frequent Culprit: North Korea

May 16, 2017wpengine
computer attacks

MonsterCloud’s CEO Zohar Pinhasi on CBS – Ransomware Spikes During The Holidays

January 3, 2018wpengine
MonsterCloud’s CEO Zohar Pinhasi on WPTV – Ransomware Spikes During The Holidays

Recent Posts

  • Penalties for Hackers if Caught
  • Should Systems That Have Been Attacked by Ransomware be Used Again?
  • Coronavirus Alert – Ransomware Attacks up by 800%
  • Ransomware and Bitcoin
  • Can you trust your employees? How to keep your data protected?

Archives

  • August 2020
  • March 2020
  • February 2020
  • January 2020
  • May 2019
  • January 2019
  • September 2018
  • August 2018
  • July 2018
  • June 2018
  • May 2018
  • April 2018
  • March 2018
  • January 2018
  • May 2017
  • April 2017
  • March 2017
  • February 2017
  • January 2017
  • November 2016
  • September 2016
  • August 2016
  • July 2016

Managed Cyber Security Services

MonsterCloud offers a comprehensive cyber security platform providing companies with both the technology and, more importantly, expertise needed to defend themselves from hackers, data breaches, ransomware and other external threats. It reduces reputational risk and affords companies peace-of-mind, knowing their businesses are constantly being monitored and protected by some of the world’s top cyber security experts.

Privacy Policy

Privacy Policy

Career Opportunties

Career Opporunties

Menu

  • Cyber Security Services
    • Prevention Services
    • Mitigation Services
    • Recovery Services
  • Ransomware Removal
  • News and Blog
  • MC University
  • Surveys and Data
  • Testimonials
  • Q&A
  • Give us a review!
  • Contact Us

Stay Connected & Protected

Facebook
Google+
LinkedIn
YouTube
Vimeo

Contact us

1119 S 21st Ave., Hollywood, FL 33020
844-222-1221
[email protected]

Partnerships

NoMoreRansom - MonsterCloud Partnership

Recent Posts

  • Penalties for Hackers if Caught
  • Should Systems That Have Been Attacked by Ransomware be Used Again?
  • Coronavirus Alert – Ransomware Attacks up by 800%
  • Ransomware and Bitcoin
  • Can you trust your employees? How to keep your data protected?
BizJudge.com
© 2019 MonsterCloud.com. All Rights Reserved.