"Quantum Ransomware"

A recently released DFIR Report details security researchers' findings from the analysis of Quantum Ransomware, a variant first discovered in August 2021. Quantum Ransomware was found to be linked to the Quantum Locker operation and to be a rebrand of the MountLocker, AstroLocker, and XingLocker operations. According to the researchers, this was one of the fastest ransomware cases they had ever seen, timed at under four hours from initial access to encryption. Because this variant operates under the Ransomware-as-a-Service (RaaS) model, no confirmed target country or industry has been identified yet. Quantum Ransomware gains initial access through IcedID malware, which is also used for reconnaissance tasks, including running ipconfig, net, and systeminfo. The ransomware also uses IcedID to achieve persistence by creating scheduled tasks on the victim's machine. The IcedID payload is suspected to be delivered through malicious email attachments or links. Demands made through Quantum Ransomware have ranged from $150,000 to multiple millions of dollars. This article continues to discuss the targets, delivery, installation, and persistence of Quantum Ransomware.

Security Boulevard reports "Quantum Ransomware"
