FBI warns of increasing Ragnar Locker ransomware activity


Level 69
Content Creator
Malware Hunter
Aug 17, 2014
The U.S. Federal Bureau of Investigation (FBI) Cyber Division has warned private industry partners of increased Ragnar Locker ransomware activity following a confirmed attack from April 2020.

The MU-000140-MW flash alert issued to partners by the FBI yesterday was coordinated with DHS-CISA and it provides security professionals and system admins with indicators of compromise to guard against the persistent malicious actions of this ransomware gang.

"The FBI first observed Ragnar Locker1ransomwarein April 2020, when unknown actors used it to encrypt a large corporation’s files for an approximately $11 million ransom and threatened to release 10 TB of sensitive company data," the FBI says in the TLP:WHITE flash alert.
"Since then, Ragnar Locker has been deployed against an increasing list of victims, including cloud service providers, communication, construction, travel, and enterprise software companies."