Latest news with #ANY.RUN

Associated Press
07-05-2025
- Business
- Associated Press
ANY.RUN Warns Fintech Industry of Nitrogen Ransomware Threat, Showcases Proactive Defense
DUBAI, DUBAI, UNITED ARAB EMIRATES, May 7, 2025 -- ANY.RUN, an established presence in the field of malware analysis and threat intelligence solutions, is warning the fintech industry about Nitrogen Ransomware, a dangerous new threat targeting financial institutions. With limited public information available on Nitrogen, ANY.RUN's cutting-edge Interactive Sandbox and Threat Intelligence Lookup (TI Lookup) are empowering organizations to detect, analyze, and gain critical insights to counter this elusive ransomware, ensuring proactive protection and aligning with business-critical metrics like risk reduction and operational resilience.

Nitrogen Ransomware: A Growing Menace for Fintech

Since September 2024, Nitrogen Ransomware has quickly emerged as a significant threat, notably compromising SRP Federal Credit Union in South Carolina. Targeting sectors like finance, construction, and technology, Nitrogen encrypts critical data and demands ransom payments, exploiting the high stakes of the financial industry. Discover the most complete report on Nitrogen ransomware on ANY.RUN's cybersecurity blog.

Key Findings on Nitrogen Ransomware

- Emergence and Targets: Nitrogen Ransomware surfaced in September 2024, primarily attacking financial institutions, construction, manufacturing, and tech sectors, with high activity in the United States, Canada, and the United Kingdom.
- Tactics and Techniques: Observed in Report: Nitrogen uses a malicious executable, creates a unique mutex, exploits the vulnerable driver to disable antivirus tools, and manipulates to disable Windows Safe Boot.
- Connection to LukaLocker: Nitrogen shares similarities with LukaLocker, including file extensions and ransom note formats, suggesting potential links or shared code.
- Limited Public Data: Only one detailed report on this ransomware is available, underscoring the scarcity of information and the need for advanced analysis tools like ANY.RUN to enrich threat intelligence.

Analyzing Nitrogen with Interactive Sandbox and TI Lookup

ANY.RUN's tools are uniquely positioned to tackle Nitrogen Ransomware, even with limited initial data. Here's how they make a difference:

- Interactive Sandbox: Provides a safe, virtual environment to observe Nitrogen's behavior. For fintech, this means faster detection and response, minimizing downtime and financial losses.
- Threat Intelligence Lookup: With Nitrogen's details scarce, TI Lookup enriches IOCs by linking them to related malware analysis sessions. By integrating IOCs into SIEM and EDR systems, fintech firms can proactively block Nitrogen's exploits.

ANY.RUN's solutions align seamlessly with fintech's core business values: trust, security, and operational continuity. By reducing the time to detect and respond to threats, ANY.RUN helps organizations avoid costly breaches. Ransomware incidents can cost up to $2.5 billion, with 10% of 2024 cyberattacks targeting finance. Proactive protection preserves customer confidence, ensures regulatory compliance, and safeguards revenue streams.

About ANY.RUN

ANY.RUN's Interactive Sandbox and Threat Intelligence Lookup service are trusted by 500,000 cybersecurity professionals and 15,000 SOC teams worldwide. With a mission to democratize threat intelligence, ANY.RUN delivers real-time insights that enable organizations to combat sophisticated cyber threats.

The ANY.RUN team
ANYRUN FZCO
+1 657-366-5050

Legal Disclaimer: EIN Presswire provides this news content 'as is' without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the author above.

Associated Press
22-04-2025
- Business
- Associated Press
ANY.RUN Uncovers New PE32 Ransomware Targeting Businesses with Double Extortion
DUBAI, DUBAI, UNITED ARAB EMIRATES, April 22, 2025 -- ANY.RUN, a leading provider of interactive malware analysis and threat intelligence services, has released a new report by Mauro Eldritch detailing the emerging PE32 Ransomware, a rapidly spreading threat that poses significant risks to organizations across industries.

PE32 Ransomware: A Growing Threat to Corporate Security

PE32's ability to encrypt critical files and exfiltrate data threatens organizations in banking, retail, healthcare, manufacturing, and technology. Some of its key functionalities include:

- Rapid File Encryption: PE32 targets visible folders like the Desktop, appending a .pe32s extension, and begins encryption after minimal user interaction.
- Dual Ransom Demands: Unlike typical ransomware, PE32 employs a two-tier payment model: $700 to $7,000 for file decryption and $10,000 to 2 BTC for preventing data leaks.
- Telegram-Based Command and Control (C2): The ransomware uses the Telegram Bot API for communication, with exposed bot tokens making it traceable but no less disruptive.

Its lack of obfuscation and reliance on basic Windows libraries point to inexperienced authors behind the threat, yet its active development signals growing danger. Read the detailed analysis of this ransomware strain on ANY.RUN's blog.

How ANY.RUN Helps Companies Detect and Analyze PE32

Using the Interactive Sandbox, organizations can analyze PE32 Ransomware in a secure, cloud-based environment. The service simplifies extraction of Indicators of Compromise (IOCs), monitors Telegram-based C2 activity, and maps attack behaviors, enabling faster response and recovery.

About ANY.RUN

ANY.RUN empowers organizations in banking, manufacturing, telecommunications, healthcare, retail, and technology with cutting-edge malware analysis and threat intelligence.
Its cloud-based Interactive Sandbox, paired with advanced tools like TI Lookup and YARA Search, helps businesses analyze threats in under 40 seconds, building resilient cybersecurity operations.