N3TW0RM ransomware emerges in wave of cyberattacks in Israel

silversurfer

Level 74
Verified
Trusted
Content Creator
Malware Hunter
Aug 17, 2014
6,314
A new ransomware gang known as 'N3TW0RM' is targeting Israeli companies in a wave of cyberattacks starting last week.

Israeli media Haaretz reported that at least four Israeli companies and one nonprofit organization had been successfully breached in this wave of attacks.

Like other ransomware gangs, N3TW0RM has created a data leak site where they threaten to leak stolen files as a way to scare their victims into paying a ransom.

Two of the Israeli businesses, H&M Israel and Veritas Logistic's networks, have already been listed on the ransomware gang's data leak, with the threat actors already leaking data allegedly stolen during the attack on Veritas.

From the ransom notes seen by Israeli media and BleepingComputer, the ransomware gang has not been asking for particularly large ransom demands compared to other enterprise-targeting attacks.

Haaretz reports that Veritas' ransom demand was three bitcoin, or approximately $173,000, while another ransom note shared with BleepingComputer shows a ransom demand of 4 bitcoins, or roughly $231,000.

Sample: VirusTotal
 
Top