The FBI said on Monday that Ranzy Locker ransomware operators had compromised at least 30 US companies this year from various industry sectors.
"Unknown cyber criminals using Ranzy Locker ransomware had compromised more than 30 US businesses as of July 2021," the FBI said in a TLP: WHITE
flash alert.
"The victims include the construction subsector of the critical manufacturing sector, the academia subsector of the government facilities sector, the information technology sector, and the transportation sector.'
The flash alert was issued in coordination with CISA and is designed to provide information to help security professionals detect and guard against such ransomware attack attempts.
Most Ranzy Locker victims who reported attacks told the FBI that the operators breached their networks by brute-forcing Remote Desktop Protocol (RDP) credentials.
