trigona
-
Trigona announced a new victim, Claro, a telecommunications company located in Mexico. The target company is a global Information Technology provider with a high-value profile and worldwide customers.
-
AhnLab Security Intelligence Center (ASEC) has recently uncovered a concerning development in ransomware attacks. A new threat actor, previously known as Trigona ransomware, has been identified as installing Mimic ransomware. This discovery sheds light on the evolving tactics of cybercriminals who continue to target MS-SQL servers, exploiting vulnerabilities in the Bulk Copy Program (BCP) utility.
-
AhnLab SEcurity intelligence Center (ASEC) has recently identified a new activity of the Trigona ransomware threat actor installing Mimic ransomware. Like past cases, the recently detected attack targets MS-SQL servers and is notable for abusing the Bulk Copy Program (BCP) utility in MS-SQL servers during the malware installation process.
-
Key Takeaways In late December 2022, we observed threat actors exploiting a publicly exposed Remote Desktop Protocol (RDP) host, leading to data exfiltration and the deployment of Trigona ransomware. On … Read More
-
Trigona ransomware infiltrated 4 targets recently in France, US, Austria, and Indonesia. The attacks were successful, in the sense that the hacker breached the victims’ defense systems and stole and encrypted valuable data.
-
BleepingComputer reports that the Trigona ransomware gang had its operations taken down after its servers were compromised and wiped in an attack claimed by the Ukrainian Cyber Alliance hacktivist group.
-
A group of cyber activists under the Ukrainian Cyber Alliance banner has hacked the servers of the Trigona ransomware gang and wiped them clean after copying all the information available.
-
Fraud Management & Cybercrime , Ransomware Data From Trigona’s Servers Exfiltrated and Wiped Out, Reads a Note on Leak Site Mihir Bagwe (MihirBagwe) • October 18, 2023
-
A group of pro-Ukraine hacktivists known as the Ukrainian Cyber Alliance says it has shut down the leak site run by the Trigona ransomware group.