The FBI has issued a
security alert about Netwalker ransomware operators targeting U.S. and foreign government organizations, advising their victims not to pay the ransom and reporting incidents to their local FBI field offices.
FBI's flash alert also provides indicators of compromise associated with the Netwalker ransomware (also known as Mailto) and includes a list of recommended mitigation measures.
According to the FBI, the operators behind this ransomware strain began targeting U.S. and foreign government orgs starting with June 2020, after Netwalker operators successfully encrypted systems on the network of
UCSF School of Medicine, the Australian transportation and logistics company
Toll Group (three months later, Toll Group
got hit again by Nefilim Ransomware), and
Lorien Health Services earlier this month.
