top of page
Writer's picturealvin gitonga

Montenegro šŸ’„ hit by Cuba ransomware šŸ˜ˆ attack ā˜ ļø

CyberMorans,


Ladies and Gentlemen, Montenegro is under attack!

Ā 

The government of Montenegro has provided more information about the attack on its critical infrastructure saying that ransomware is responsible for the damage and disruptions.

Public Administration Minister Maras Dukaj stated on local television yesterday that behind the attack is an organized cybercrime group ā˜ ļø. The effects of the incident continue for the tenth day šŸ‘‡


The minister added that a "special virus" is used in this attack and there is a ransom demand of $10 million. Dukaj also added that at this point, the state could not give an estimate of when the services will become available.

Ā 

False allegations and Cuba šŸ˜ˆ

Previously, Dukaj himself, along with Montenegro's Defense Minister, told local media that they had enough evidence to suspect the cyberattacks were directed by Russian services.

This gave the incident a geopolitical vibe and mobilized the Balkan country's NATO allies to help them with incident response, defense, and remediation.


The next day, though, Cuba ransomware gang listed the Parliament of Montenegro (Skupstina) as its victim and claimed to have stolen financial documents, correspondence with banks, balance sheets, tax documents, compensation, and even source code šŸ‘‡

Cuba ransomware extortion site listing Skupstina in the free section


The data was published on the "free" section of the site, available to any visitor with no restrictions.

Ā 

Cuba ransomware evolution šŸ˜ˆ

Cuba ransomware has demonstrated notable evolution lately. Three weeks ago, researchers spotted a novel toolset used by the gang along with previously unseen tactics, techniques, and proceduresšŸ‘‡


In June, Cuba ransomware updated its encryptor with additional options and set up a communication channel for "live victim support." Another notable change is observed in the group's targeting scope. In 2021, Cuba focused heavily on U.S.-based organizations.

Ā 

Conclusion šŸ¤–

Subscribe to receive notifications of similar posts šŸ˜‹ where we will be reverse engineering malware and the technical aspect of vulnerabilities as well as how an attacker may use this vulnerability as an attack vector and other Infosec stuff...šŸ˜‹


Morans,


Thank you for your time, Like and leave a comment/review and as always, stay awesome! šŸ˜‹šŸ‘Š šŸ’Ŗ


8 views0 comments

Recent Posts

See All

Comments


Post: Blog2_Post
bottom of page