With No More Ransom turning 4, Garmin suddenly recovering from their ransomware attack, and a GandCrab affiliate being arrested in Belarus, it has been quite a week when it comes to ransomware news.
The biggest story of the week is Garmin enabling services again and the rumors that it paid a $5 million ransom for the decryptor. Fast forward to the end of the week, and the next big news is the arrest of a GandCrab ransomware affiliate in Belarus.
7/31/20: Update added below with information from Intezer Labs and a link to the malware sample. This article was originally published on July 30th, 2020.
TrickBot’s Anchor malware platform has been ported to infect Linux devices and compromise further high-impact and high-value targets using covert channels.
TrickBot is a multi-purpose Windows malware platform that uses different modules to perform various malicious activities, including information stealing, password stealing, Windows domain infiltration, and malware delivery.
TrickBot is rented by threat actors who use it to infiltrate a network and harvest anything of value. It is then used to deploy ransomware such as