Black Kingdom Case

A Nigerian threat actor is offering employees $1 million dollars in bitcoin to unleash ransomware Black Kingdom on companies networks. Black Kingdom aka Demon Ware aka DEMON, was first discovered in early March this year exploiting Microsoft Exchange servers to infect unpatched systems with their ransomware strain. The social network start up called Sociogram is behind the ransom demands. Sociogram are using LinkedIn to find corporate email addresses of senior level executives to run business email compromise.

 

Best,

Bingo

 

References

 

https://thehackernews.com/2021/08/cybercrime-group-asking-insiders-for.html

 

https://www.zdnet.com/article/ransomware-this-amateur-attack-shows-how-clueless-criminals-are-trying-to-get-in-on-the-action/

 

https://securityboulevard.com/2021/04/black-kingdom-ransomware-jumps-on-the-exchange-express/