CrazyHunter: The Rising Threat of Open-Source Ransomware
NetmanageIT OpenCTI - opencti.netmanageit.com
SUMMARY :
A ransomware attack on Mackay Memorial Hospital in Taiwan highlights the growing use of publicly available offensive tools by threat actors. The CrazyHunter ransomware, built using the Prince Ransomware builder from GitHub, encrypted over 600 devices across two hospital branches. The attack, likely initiated via a USB device, employed various tools for defense evasion, encryption, and lateral movement. The threat actor used a vulnerable Zemana driver to disable security products, utilized the Prince Ransomware builder for file encryption, and leveraged SharpGPOAbuse for lateral movement. The incident demonstrates the increasing accessibility of cyber attack tools, enabling even less skilled actors to launch sophisticated attacks. This trend poses significant challenges for attribution and defense against ransomware threats.
OPENCTI LABELS :
ransomware,prince ransomware,crazyhunter
Open in NetmanageIT OpenCTI Public Instance with below link!
Use public read only username and password on login page.
NOTE : Use Public READ only user credentials on login page banner.
CrazyHunter: The Rising Threat of Open-Source Ransomware