ESTsecurity, the number of ALYac Ransomware behavior-based blocks in the first quarter totaled about 177,000, an increase of approximately 14,000 cases from the previous quarter
ESTsecurity, the number of ALYac Ransomware behavior-based blocks in the first quarter totaled about 177,000, an increase of approximately 14,000 cases from the previous quarter
ESTsecurity, the number of ALYac Ransomware behavior-based blocks in the first quarter totaled about 177,000, an increase of approximately 14,000 cases from the previous quarter
ESTsecurity, the number of ALYac Ransomware behavior-based blocks in the first quarter totaled about 177,000, an increase of approximately 14,000 cases from the previous quarter
broad
ALYac 'Ransomware Behavior-based Pre-Blocking Feature' blocked a total of 177,732 attacks in the first quarter, an average of 1,974 attacks per day
ALYac 'Ransomware Behavior-based Pre-Blocking Feature' blocked a total of 177,732 attacks in the first quarter, an average of 1,974 attacks per day
ALYac 'Ransomware Behavior-based Pre-Blocking Feature' blocked a total of 177,732 attacks in the first quarter, an average of 1,974 attacks per day
ALYac 'Ransomware Behavior-based Pre-Blocking Feature' blocked a total of 177,732 attacks in the first quarter, an average of 1,974 attacks per day
Security specialist company ESTsecurity (CEO Jung Jin-il) announced on the 13th that it blocked a total of 177,732 Ransomware attacks in the first quarter of 2022 through the 'Ransomware Behavior-based Pre-blocking' feature installed in its antivirus program 'ALYac'.
According to statistics, the number of Ransomware attacks blocked through ALYac in the first quarter was ▲a total of 177,732 cases, which can be seen as an average of ▲about 1,974 cases of Ransomware attacks being blocked daily when converted to a daily basis.
This statistic is the result of counting only the attacks blocked through the 'Ransomware Behavior-based Pre-blocking Function' of the public ALYac antivirus program provided for free to individual users, and it is estimated that the total number of attacks would be much higher when pattern-based attacks are included.
ESTsecurity selected the following as the main trends of Ransomware in the first quarter of 2022: ▲ the war between Russia and Ukraine and Ransomware ▲ the active VenusLocker group ▲ Magniber Ransomware spread through Typosquatting ▲ continued Ransomware damage to global companies.
First of all, the noteworthy issue in the first quarter of 2022 can be cited as Ransomware attacks related to Russia's invasion of Ukraine. The war between Russia and Ukraine has caused global confusion in various fields such as social and economic, and Ransomware attack organizations are also exploiting this issue. Among them, the typical Ransomware is HermeticRansom, which was found to play the role of bait for a wiper attack aimed at deleting data targeting Ukrainian systems, not for the purpose of extortion. In addition, a Ukrainian security researcher leaked the source code of Conti Ransomware, which is speculated to be a retaliatory act against the announcement that Conti Ransomware supports the Russian government.
The activities of the VenusLocker group also continue actively. The VenusLocker group, which has been consistently spreading Ransomware in South Korea since 2017, is still continuously spreading Ransomware in the country using contents such as resumes, copyright infringement, etc. Previously, the Makop Ransomware was continuously spread, but recently there have been signs that the LockBit Ransomware is being spread.
Typosquatting-based Magniber Ransomware distribution has also been rediscovered. Typosquatting is an attack method that redirects to another page if the domain address is entered incorrectly or spelled wrong. Magniber Ransomware is being spread targeting Chrome and Edge browser users using the Typosquatting method, and on the induced page, users are led to download an MSI file. MSI is an extension used in Windows Installer, and if the user runs the file without suspicion, they become infected with Ransomware.
Global companies are also continuing to suffer from Ransomware damage. The luxury clothing brand Moncler had data leaked after being attacked by the BlackCat (or AlphV) Ransomware in December 2021, and the leaked data was also released on the Tor network in January. Swissport International, an aviation services company, was also attacked by Ransomware, delaying some flights, and Nvidia was also confirmed to be affected by Ransomware attacks on some systems.
An ESRC official from ESTsecurity said, "The recent continuous increase in Ransomware attacks, as well as the distribution methods, are evolving to match the social environment," and "As the number of employees performing telecommuting to prevent the spread of the COVID-19 virus is increasing, it is mandatory to check the security update status of the OS/SW of the telecommuting terminals connecting to the company's internal network, as well as concurrently conducting employee security awareness training."
Meanwhile, ESTsecurity continues to collect Ransomware information and carry out organic response cooperation through close cooperation with the Korea Internet & Security Agency (KISA) to prevent domestic users from being harmed by Ransomware infections in advance.
In addition, ESRC has revealed other new or noteworthy Ransomwares discovered or worth attention in the first quarter of 2022.
Security specialist company ESTsecurity (CEO Jung Jin-il) announced on the 13th that it blocked a total of 177,732 Ransomware attacks in the first quarter of 2022 through the 'Ransomware Behavior-based Pre-blocking' feature installed in its antivirus program 'ALYac'.
According to statistics, the number of Ransomware attacks blocked through ALYac in the first quarter was ▲a total of 177,732 cases, which can be seen as an average of ▲about 1,974 cases of Ransomware attacks being blocked daily when converted to a daily basis.
This statistic is the result of counting only the attacks blocked through the 'Ransomware Behavior-based Pre-blocking Function' of the public ALYac antivirus program provided for free to individual users, and it is estimated that the total number of attacks would be much higher when pattern-based attacks are included.
ESTsecurity selected the following as the main trends of Ransomware in the first quarter of 2022: ▲ the war between Russia and Ukraine and Ransomware ▲ the active VenusLocker group ▲ Magniber Ransomware spread through Typosquatting ▲ continued Ransomware damage to global companies.
First of all, the noteworthy issue in the first quarter of 2022 can be cited as Ransomware attacks related to Russia's invasion of Ukraine. The war between Russia and Ukraine has caused global confusion in various fields such as social and economic, and Ransomware attack organizations are also exploiting this issue. Among them, the typical Ransomware is HermeticRansom, which was found to play the role of bait for a wiper attack aimed at deleting data targeting Ukrainian systems, not for the purpose of extortion. In addition, a Ukrainian security researcher leaked the source code of Conti Ransomware, which is speculated to be a retaliatory act against the announcement that Conti Ransomware supports the Russian government.
The activities of the VenusLocker group also continue actively. The VenusLocker group, which has been consistently spreading Ransomware in South Korea since 2017, is still continuously spreading Ransomware in the country using contents such as resumes, copyright infringement, etc. Previously, the Makop Ransomware was continuously spread, but recently there have been signs that the LockBit Ransomware is being spread.
Typosquatting-based Magniber Ransomware distribution has also been rediscovered. Typosquatting is an attack method that redirects to another page if the domain address is entered incorrectly or spelled wrong. Magniber Ransomware is being spread targeting Chrome and Edge browser users using the Typosquatting method, and on the induced page, users are led to download an MSI file. MSI is an extension used in Windows Installer, and if the user runs the file without suspicion, they become infected with Ransomware.
Global companies are also continuing to suffer from Ransomware damage. The luxury clothing brand Moncler had data leaked after being attacked by the BlackCat (or AlphV) Ransomware in December 2021, and the leaked data was also released on the Tor network in January. Swissport International, an aviation services company, was also attacked by Ransomware, delaying some flights, and Nvidia was also confirmed to be affected by Ransomware attacks on some systems.
An ESRC official from ESTsecurity said, "The recent continuous increase in Ransomware attacks, as well as the distribution methods, are evolving to match the social environment," and "As the number of employees performing telecommuting to prevent the spread of the COVID-19 virus is increasing, it is mandatory to check the security update status of the OS/SW of the telecommuting terminals connecting to the company's internal network, as well as concurrently conducting employee security awareness training."
Meanwhile, ESTsecurity continues to collect Ransomware information and carry out organic response cooperation through close cooperation with the Korea Internet & Security Agency (KISA) to prevent domestic users from being harmed by Ransomware infections in advance.
In addition, ESRC has revealed other new or noteworthy Ransomwares discovered or worth attention in the first quarter of 2022.
Security specialist company ESTsecurity (CEO Jung Jin-il) announced on the 13th that it blocked a total of 177,732 Ransomware attacks in the first quarter of 2022 through the 'Ransomware Behavior-based Pre-blocking' feature installed in its antivirus program 'ALYac'.
According to statistics, the number of Ransomware attacks blocked through ALYac in the first quarter was ▲a total of 177,732 cases, which can be seen as an average of ▲about 1,974 cases of Ransomware attacks being blocked daily when converted to a daily basis.
This statistic is the result of counting only the attacks blocked through the 'Ransomware Behavior-based Pre-blocking Function' of the public ALYac antivirus program provided for free to individual users, and it is estimated that the total number of attacks would be much higher when pattern-based attacks are included.
ESTsecurity selected the following as the main trends of Ransomware in the first quarter of 2022: ▲ the war between Russia and Ukraine and Ransomware ▲ the active VenusLocker group ▲ Magniber Ransomware spread through Typosquatting ▲ continued Ransomware damage to global companies.
First of all, the noteworthy issue in the first quarter of 2022 can be cited as Ransomware attacks related to Russia's invasion of Ukraine. The war between Russia and Ukraine has caused global confusion in various fields such as social and economic, and Ransomware attack organizations are also exploiting this issue. Among them, the typical Ransomware is HermeticRansom, which was found to play the role of bait for a wiper attack aimed at deleting data targeting Ukrainian systems, not for the purpose of extortion. In addition, a Ukrainian security researcher leaked the source code of Conti Ransomware, which is speculated to be a retaliatory act against the announcement that Conti Ransomware supports the Russian government.
The activities of the VenusLocker group also continue actively. The VenusLocker group, which has been consistently spreading Ransomware in South Korea since 2017, is still continuously spreading Ransomware in the country using contents such as resumes, copyright infringement, etc. Previously, the Makop Ransomware was continuously spread, but recently there have been signs that the LockBit Ransomware is being spread.
Typosquatting-based Magniber Ransomware distribution has also been rediscovered. Typosquatting is an attack method that redirects to another page if the domain address is entered incorrectly or spelled wrong. Magniber Ransomware is being spread targeting Chrome and Edge browser users using the Typosquatting method, and on the induced page, users are led to download an MSI file. MSI is an extension used in Windows Installer, and if the user runs the file without suspicion, they become infected with Ransomware.
Global companies are also continuing to suffer from Ransomware damage. The luxury clothing brand Moncler had data leaked after being attacked by the BlackCat (or AlphV) Ransomware in December 2021, and the leaked data was also released on the Tor network in January. Swissport International, an aviation services company, was also attacked by Ransomware, delaying some flights, and Nvidia was also confirmed to be affected by Ransomware attacks on some systems.
An ESRC official from ESTsecurity said, "The recent continuous increase in Ransomware attacks, as well as the distribution methods, are evolving to match the social environment," and "As the number of employees performing telecommuting to prevent the spread of the COVID-19 virus is increasing, it is mandatory to check the security update status of the OS/SW of the telecommuting terminals connecting to the company's internal network, as well as concurrently conducting employee security awareness training."
Meanwhile, ESTsecurity continues to collect Ransomware information and carry out organic response cooperation through close cooperation with the Korea Internet & Security Agency (KISA) to prevent domestic users from being harmed by Ransomware infections in advance.
In addition, ESRC has revealed other new or noteworthy Ransomwares discovered or worth attention in the first quarter of 2022.
WE WORK WITH AI
We believe that AI makes the world more convenient and safer
1.
Senior care with AI
AI senior care service that takes responsibility for seniors' Fun and cognitive enhancement with AI human technology
2.
Education with AI
Celebrity instructor video lecture creation, TOEIC speaking education content production, as a fitness training instructor
Expansion of educational businesses in various fields such as AI content
3.
Content with AI
Implementing 'moving pictures' with EST AI technology, 'face transformation, makeup application, and clothing creation' through deep learning
Creating and utilizing various AI human content such as new employee analysts, announcers, etc.
4.
API business with AI
Companies can focus on their inherent customer value by providing data and solutions using AI
as an API.
5.
Software with AI
Background removal technology applied in ALSee Capture, like the smooth design of ESTsoft AI technology and ALTools products,
provides the utility environment that users want.
WE WORK WITH AI
We believe that AI makes
the world more convenient
and safer
1.
Senior care with AI
AI senior care service that takes responsibility for seniors' Fun and cognitive enhancement with AI human technology
2.
Education with AI
Celebrity instructor video lecture creation, TOEIC speaking education content production, as a fitness training instructor
Expansion of educational businesses in various fields such as AI content
3.
Content with AI
Implementing 'moving pictures' with EST AI technology, 'face transformation, makeup application, and clothing creation' through deep learning
Creating and utilizing various AI human content such as new employee analysts, announcers, etc.
4.
API business with AI
We provide data and solutions utilizing AI through APIs to enable companies to focus on their inherent customer value.
5.
Software with AI
Background removal technology applied in ALSee Capture, like the smooth design of ESTsoft AI technology and ALTools products,
provides the utility environment that users want.
WE WORK WITH AI
We believe that AI makes the world more convenient and safer
1.
Senior care with AI
AI senior care service that takes responsibility for seniors' Fun and cognitive enhancement with AI human technology
2.
Education with AI
Celebrity instructor video lecture creation, TOEIC speaking education content production, as a fitness training instructor
Expansion of educational businesses in various fields such as AI content
3.
Content with AI
Implementing 'moving pictures' by applying EST AI technology, producing various AI human contents such as 'face transformation, makeup application, and clothing creation' for new employees including analysts and announcers, and utilizing them
4.
API business with AI
Companies can focus on their inherent customer value by providing data and solutions using AI
as an API.
5.
Software with AI
Background removal technology applied in ALSee Capture, like the smooth design of ESTsoft AI technology and ALTools products,
provides the utility environment that users want.
WE WORK WITH AI
We believe that AI makes the world more convenient and safer
1.
Senior care with AI
AI senior care service that takes responsibility for seniors' Fun and cognitive enhancement with AI human technology
2.
Education with AI
Expansion of educational businesses in various fields, such as the establishment of celebrity lecture video courses, production of TOEIC speaking educational content, and AI content as a fitness training instructor
3.
Content with AI
Implementing 'moving pictures' with EST AI technology, 'face transformation, makeup application, and clothing creation' through deep learning
Creating and utilizing various AI human content such as new employee analysts, announcers, etc.
4.
API business with AI
We provide data and solutions utilizing AI through APIs to enable companies to focus on their intrinsic customer value.
5.
Software with AI
Background removal technology applied in ALSee Capture, like the smooth design of ESTsoft AI technology and ALTools products,
provides the utility environment that users want.
LET'S Connect
We collaborate with ambitious brands and people around the world.
To learn more about creating digital experiences that effectively reach and engage customers and target audiences, please contact us.
Download Company Brochure
CEO: Sangwon Jung
Business Registration Number 229-81-03214 Mail-Order Business Notification Number 2011-Seoul Seocho-1962
EST Building, 3 Banpo-daero, Seocho-gu, Seoul (Postal Code)06711
Family Site
ⓒ EST. 2024
LET'S Connect
We collaborate with ambitious brands and people around the world.
To learn more about creating digital experiences that effectively reach and engage customers and target audiences, please contact us.
Download Company Brochure
CEO: Sangwon Jung
Business Registration Number 229-81-03214 Mail-Order Business Notification Number 2011-Seoul Seocho-1962
EST Building, 3 Banpo-daero, Seocho-gu, Seoul (Postal Code)06711
Family Site
ⓒ EST. 2024
LET'S Connect
We collaborate with ambitious brands and people around the world.
To learn more about creating digital experiences that effectively reach and engage customers and target audiences, please contact us.
Download Company Brochure
CEO: Sangwon Jung
Business Registration Number 229-81-03214 Mail-Order Business Notification Number 2011-Seoul Seocho-1962
EST Building, 3 Banpo-daero, Seocho-gu, Seoul (Postal Code)06711
Family Site
ⓒ EST. 2024
LET'S Connect
We collaborate with ambitious brands and people around the world.
To learn more about creating digital experiences that effectively reach and engage customers and target audiences, please contact us.
Download Company Brochure
CEO: Sangwon Jung
Business Registration Number 229-81-03214 Mail-Order Business Notification Number 2011-Seoul Seocho-1962
EST Building, 3 Banpo-daero, Seocho-gu, Seoul (Postal Code)06711
Family Site
ⓒ EST. 2024