The CERT-In or the Indian Computer Emergency Response Team has alerted users against the malicious spread of ransomware virus ‘Egregor’ that threatens to release sensitive corporate data of the victim organisation if not paid. In a latest advisory that while the “initial infection vector and propagation mechanism is still unknown, it is anticipated that Egregor ransomware may infiltrate via spam email attachments or maliciously crafted link shared via email/instant messaging chats.”. The CERT-In noted “Individuals or organisations are not encouraged to pay the ransom as this does not guarantee files will be released,”
“Report such instances of fraud to CERT-In and law enforcement agencies,” the advisory from the national technology arm to combat cyber attacks and guarding of the Indian cyber space said. The CERT-In agency said this ransomware was affecting organisations globally. The advisory stated that “The modus operandi used is typically breaking into organisations, stealing sensitive data, and running the malware to encrypt their files and (it) threatens ‘Mass-Media’ release of corporate data if ransom not paid in due time,”
The agency waned that “It uses double extortion tactics generally used by NetWalker ransomware families,”