
New Zeppelin Ransomware Brings Companies To A Halt

December 23, 2019


Researchers at BlackBerry Cylance recently uncovered a dangerous strain of ransomware called “Zeppelin.” This discovery highlights the escalating risk of malware attacks on companies, particularly those operating in the healthcare and technology sectors. Businesses must remain vigilant as ransomware continues to evolve, targeting critical industries with increasing precision.

Zeppelin’s Origins and Unique Features

Zeppelin has targeted healthcare and technology companies in the US, Canada, and Europe. Although it shares its origins with the VegaLocker ransomware family, Zeppelin’s extensive modifications make it distinct and significantly more sophisticated. Researchers noted that the new strain is highly configurable, allowing attackers to customize it for specific targets. This adaptability increases its effectiveness and makes it a more dangerous threat.

Unlike many ransomware campaigns, Zeppelin attacks have been highly selective. Researchers believe the attackers are prioritizing stealth and precision over mass distribution, which sets this malware apart from others in its class.

How Zeppelin Spreads

Hackers primarily distribute Zeppelin ransomware through supply-chain attacks involving managed security service providers. This method resembles the Sodinokibi ransomware family, another prominent threat in recent years. Zeppelin’s delivery as “Software as a Service” on underground forums further enhances its flexibility. Hackers can purchase, modify, and deploy the ransomware according to their needs, creating a scalable and versatile tool for cybercriminals.

Zeppelin’s Targeted Approach

Hackers compiled Zeppelin in early November 2019 and have since used it sparingly, focusing on “a few carefully selected targets.” Researchers suspect these limited attacks may be part of a test run or preparation for larger campaigns in the future. The careful selection of victims underscores the strategic planning behind Zeppelin’s use.

BlackBerry Cylance researchers shared this insight:

“There seem to be a limited number of victims, and we haven’t seen the malware being used in any widespread distribution campaign so far. Therefore, it looks like the threat actors are rather careful about whom they are targeting. One possibility is that the campaign hasn’t fully taken off yet, and the current victims are only the ‘patient zero’ in some kind of test run.”

Protecting Against Malware Attacks on Companies

To safeguard against malware attacks on companies, experts recommend several key strategies:

  • Use comprehensive security solutions with real-time threat detection.
  • Regularly update operating systems, software, and hardware firmware.
  • Perform frequent backups and store them on offline or secured mediums to prevent ransomware encryption.
  • Educate employees about phishing attacks and how to identify suspicious emails or links.
  • Monitor network activity closely for unusual behavior that could indicate a breach.
  • Implement multi-factor authentication to enhance account security.

These precautions are essential not only for defending against Zeppelin but for protecting against a wide range of malware threats.

Conclusion: The Growing Threat

Zeppelin poses a significant risk despite its limited distribution so far. Its adaptability, strategic delivery, and targeted nature make it a formidable opponent for businesses unprepared to counter such sophisticated threats. As malware attacks on companies continue to grow in complexity, proactive defenses and vigilance are essential to mitigate risks and protect critical assets.

Used with permission from Article Aggregator
