The group behind Doubleface ransomware has recently attacked the website of Donetsk International Airport, demonstrating its capability to execute high-profile cyberattacks.
Key Features and Pricing
Key Features and Pricing
Doubleface ransomware uses the C/C++ programming language. It also employs AES-128 and RSA-4096 encryption algorithms.
According to the seller, Doubleface ransomware is undetected by most major antivirus programs like Windows 10/11 Defender, Avast, Kaspersky and AVG. Its unpredictable behavior lets it bypass existing cybersecurity defenses.
Unlike some ransomware variants, Doubleface does not require a stub. But attackers must be careful in the management of the decryption key, because the wrong key will destroy all encrypted files.
The ransomware can work independently of an internet connection or network. It supports evasion of virtual machines, debugging tools and sandbox environments. These stealth features make it difficult to detect and mitigate.
This ransomware costs USD 500 per copy and can be bought in bulk. Also available for USD 10,000 is the complete source code for the ransomware. That opens up the code for cybercriminals to take it and perhaps modify it for their own purposes/purposes.
Notable Incidents
Notable Incidents
The group behind Doubleface ransomware is said to have attacked the website of Donetsk International Airport on August 10, 2024. This suggests that they might be involved in important or politically driven attacks.
Image: Doubleface posting their airport takedown on a messaging application
Secure Your Organization With BlackFog
Secure Your Organization With BlackFog
The recent attack by the Doubleface ransomware at Donetsk Airport shows that we need stronger protection for important systems. Ransomware locks files, stopping people from using them until the attackers get paid. But paying them only makes them attack more.
BlackFog’s ADX solution prevents cyberattacks including ransomware and crucially stops data exfiltration attempts in real-time. It constantly watches network activity and quickly stops any unauthorized copying or stealing of data as it happens, 24/7, without the need for human interaction. This stops files from being locked in the first place.
Click here to learn more about how BlackFog can protect your business.
Related Posts
5 Upcoming Ransomware Variants and Groups to Watch In 2024
In 2024, the ransomware landscape is evolving rapidly with the emergence of five new threats: Limpopo, Dark Angels, RansomEXX, DragonForce, and Hunters International. Understanding these threats is crucial for cybersecurity readiness. This article delves into their unique strategies, technical specifications, and significant breaches to help you stay informed and prepared against these sophisticated cyber threats.
Manufacturing Industry Faces Surge in Ransomware Attacks in 2024
Ransomware attacks on the manufacturing industry are rising, with notable cases at MKS Instruments, Brunswick Corporation, Simpson Manufacturing, and The Clorox Company. Learn about the financial and operational impacts and why manufacturers are prime targets for cybercriminals.
The State of Ransomware 2024
BlackFog's state of ransomware report measures publicly disclosed and non-disclosed attacks globally.
Enterprise Ransomware Protection: Why it Matters
Why must enterprise ransomware protection be a critical component of any firm's cyber security strategy?
TAG Blog Series 1 – How ADX Supports and Implements Policy
Implementing Anti Data Exfiltration (ADX) solutions is critical for enterprise security. This article provides guidance on establishing effective ADX deployment policies, with a focus on aligning them with business objectives and threat perceptions. Highlighting BlackFog's ADX solution, it explores proactive strategies to prevent data exfiltration, offering valuable insights for practitioners aiming to enhance their security posture.
5 Steps to Ensure Your Enterprise Data Security
Why do enterprise data security strategies need to evolve to cope with a new range of threats?