The Federal Bureau of Investigation (FBI) this week published an alert to provide additional information on the RagnarLocker ransomware, along with indicators of compromise (IoCs) associated with the malware.
According to the FBI, at least 52 entities across 10 critical infrastructure sectors have been infected with this malware family, including organizations in the energy, financial services, government, information technology, and manufacturing industries.
“RagnarLocker ransomware actors work as part of a ransomware family, frequently changing obfuscation techniques to avoid detection and prevention,” the FBI says in its alert.
The malware relies on VMProtect, UPX, and custom packing algorithms and is typically deployed on compromised systems within a custom virtual machine. It also uses the Windows API GetLocaleInfoW to identify the system’s location and terminates its process if the computer is in specific countries.
On the compromised machines, RagnarLocker checks for current infections to prevent potential corruption of the data, identifies attached hard drives, iterates through all running processes and terminates those associated with remote administration, and then attempts to delete all Volume Shadow copies, to prevent data recovery.
Next, the ransomware encrypts all data of interest – it avoids encrypting files in specific folders – and then leaves a .txt ransom note to provide the victim with instructions on how to pay the ransom.
In its alert, the FBI also provides a series of recommendations on how organizations can stay safe from ransomware, and also encourages businesses to report any ransomware attacks, as that would help defenders prevent future incidents.
Ransomware attacks are no challenge to us at BLAKFX as we have set out to eliminate ransomware as a threat…Period.
Our mission for 2022 is to eliminate ransomware damage.
There is no organization in any sector that is safe from ransomware except those that utilize Helix22 data security SDK.
In Math We Trust
Ransomware Auditing as a Service (RaaS): as ransomware attacks have skyrocketed, they have come to represent the biggest threat to the data of government agencies, military, intelligence agencies as well as private enterprises. BLAKFX developed the first in the world Ransomware Auditing as a Service (RaaS) platform which allows our cyber security engineers to scan your network and simulate real-world ransomware attacks to test the prevention, detection and mitigation strategies of your organization and establish how resilient your network is to real ransomware attacks. After the scan we provide a comprehensive report and our recommendations for remediation.
If you are the victim of an actual ransomware attack, we are able to recover the data that has been hi-jacked during the attack and due to Helix22’s patented DNA BindingTM cryptography, restore it to its original state.
We can make this restoration claim as the tech engineers at BLAKFX invented and holds multi-patents on a genuine device2device (D2D) encryption. We manage data security transmission through the truly brilliant and also patented universal Helix22 key service. The Helix22 encryption originates on your network or device, not just when the app is opened. This means, that when data arrives to our key server, it is already encrypted so all it needs to do is issue another key. Signal and Telegram cannot claim this level of security. This key will then only work with the intended device, which generates a matching key required to open the data. In this protocol, we are truly a “zero-knowledge” server so your communications and transmissions remain completely top secret. Even in the event that BLAKFX were subpoenaed, we can honor the request by just handing over the encrypted content…as that is literally all we have. Helix22 also only use keys just one-time and then destroys them. This way the data security is future forward prefect. Therefore, in our unique device-to-device encryption (D2D) world, there is no opportunity at all for any data leak.
This same protocol just described, can be the same with all your 3rd party vendors and suppliers. It does not matter in the least what platform they are running or what device they are using or even the type of data, it is all 100% protected. We do however, strongly advise that all firms involved be utilizing Helix22 due to the nature of the data content. Helix22 can ensure that whatever data they are generating is protected as well.
Let’s take it a step further. Even if your organization were a victim of an internal attack or a victim of malicious open source downloads, there is no reason for concern. Any data that has been forwarded, downloaded, copied or saved cannot be exfiltrated. Period. We have the technology industries foremost data packets which are protected with multi-layered, military grade encryption algorithms that have already proven the ability to withstand penetration testing from MI5 and quantum computing attacks.
One final practical genius of DNA BindingTM is in that it is immediately compatible with whichever system or software you are utilizing. Therefore, any organization can forward information to another and then discuss it and there is immediate privacy.
Finally, the Helix22 encryption is quantum computing ready so no need to redo all your data security methodologies in a couple of years when everything else becomes obsolete.
In the BLAKFX data security world, ransomware or any other data centric attack cannot have any affect on your systems or data.
The Helix22 data security SDK accomplishes the following:
- Protects all your firms data at rest, in use and in transit
- Renders ransomware threats obsolete
- Eliminates human error
- Eliminates all malicious or interior attacks
- Verifies original content i.e. minimizes the threat of impersonation attacks and deep fakes
- Reduces latency
- Installs with 5 lines of code
- Runs on any platform, network, device and in any programming language i.e. Internet of Things enablement
- Provides perfect future/forward secrecy
- Delivers “zero-knowledge” encryption
- Perfect security when utilizing all SaaS products
- Compatible with all cloud, 3rd party and vendor services
- Secures the Internet of Things by providing protection at the Edge with ultra low latency
- Ensures privacy and security for blockchain and all cryptocurrency transactions
- Is quantum ready – so there’s no need to upgrade when the time comes
- Requires no employee training
- Exceeds all gov’t and banking standards
- Meets compliance regulations
BLAKFX is Based on Success
Our founders, Robert Statica PhD and Kara Coppa, also founded Wickr, which is used by the US military and has never been hacked since its inception in 2012. The Helix22 data security SDK is several generations enhanced since then. Dr. Statica also delivered the encryption for the world’s most secure phone, Katim.
Founder – Robert Statica PhD Founder – Kara Coppa Founder – Alex Maslov MS, MBA
Co-Founders of Wickr KatimTM Ultra Secure Smartphone
Helix 22 – Zero Risk