"Israel's Top Tech University Targeted by DarkBit Ransomware"

Technion Israel Institute of Technology (IIT) was targeted in a ransomware attack launched by the DarkBit hacker gang, which has demanded an 80-Bitcoin payout worth around $1.7 million at press time. BlackBerry said the institution reported the incident on February 12, a day after the threat actor compiled the payload. Dmitri Bestuzhev, a BlackBerry threat researcher, says this may indicate that DarkBit maintained initial access to the victim's network prior to that, while the implant was compiled a few hours before the attack occurred. BlackBit told IIT that if the ransom was not paid within 48 hours, the demanded amount would increase by 30 percent. The scope of the damage, the breach's origin, and the initial infection vector have not yet been disclosed to the public. The Golang-based ransomware contains a number of noteworthy features, including the ability to accept command-line arguments and operate autonomously. It has a default mode that encrypts the victim's device using AES-256, affecting a variety of file types. In addition, it uses multithreading to ensure faster and more effective encryption. According to Bestuzhev, based on the ransom note, Twitter account, and Telegram profile of the threat actor, the attack's primary motivation is geopolitical rather than financial. A DarkBit tweet and the wording of the ransom note suggest that revenge could be an additional motivation. A vengeful former Information Technology (IT) employee may be using insider knowledge of tools and software to carry the attacks out. This article continues to discuss the targeting of Israel's top technology school by the DarkBit ransomware group. 

Dark Reading reports "Israel's Top Tech University Targeted by DarkBit Ransomware"