‘Karakurt’ Extortion Threat Emerges, But Says No to Ransomware

silversurfer

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,048
There is a new financially motivated threat group on the rise and for a change, it doesn’t appear to be interested in deploying ransomware or taking out high-profile targets.

Researchers from Accenture Security have been tracking a group that calls itself “Karakurt,” which means “black wolf” in Turkish and is the name of a venomous spider found in eastern Europe and Siberia.

Karakurt focuses on data exfiltration and subsequent extortion, allowing it to move quickly. In fact, since September, it has already hit more than 40 victims, 95 percent of which were in North America with the rest in Europe, researchers revealed in a report published Friday.

“The threat group is financially motivated, opportunistic in nature, and so far, appears to target smaller companies or corporate subsidiaries versus the alternative big-game hunting approach,” they wrote in the report.

Researchers said they expect that Karakurt will turn out to be a bit of a trendsetter and that in the future, other groups will move away from targeting massive corporations or critical-infrastructure providers with ransomware to adopt a similar exfiltration/extortion approach.

This is because it “enables faster attack execution and steers clear of intentionally disrupting business operations, yet still yields leverage in terms of data extortion,” Accenture’s Cyber Investigations, Forensics & Response (CIFR) team told Threatpost in an email.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top