Pysa is not a pretty Italian town famous for its Leaning Tower, but a group of hackers determined to increase their malicious activity.
And for good reason, the Pysa gang ranks at the top of the most offensive ransomware for the month of November 2021.
Pysa is rampant at the end of 2021
If you haven’t yet crossed paths with the Pysa Gang, a group of web hackers who are particularly fond of ransomware, then good for you. Its preferred targets are generally government organizations. And for good reason, with a 400% increase in ransomware attacks against them in November 2021, according to the cybersecurity company NCC Group, this software is particularly popular with this group of hackers.
Thus, again during the month of last November, the data of nearly fifty government organizations turned out to be compromised. More broadly, ransomware attacks by the Pysa gang increased by 50% in November 2021 across all targets. These substantial figures open the doors to the podium of the most active ransomware since last August, with Conti and Lockbit, according to NCC Group.
The FBI on Pysa’s heels
The greed of the Pysa gang does not appear to be waning, however, as with such targets often millions of dollars are put on the table to unlock the valuable data held hostage. But the most annoying thing about this ransomware is that it sometimes leaks hacked data quite late in time, sometimes weeks or months after the extortion. This illustrates an increasingly important practice, namely double extortion, with, on the one hand, an encryption of the victim’s data, but also, on the other hand, their extraction, which allows such leaks.
Also known as Mespinoza, the Pysa gang has been chased by the FBI for almost a year, after recurring attacks on health facilities, various institutions and government structures, in particular. Phishing is the method that allows them to infect potential victims with their ransomware. This technique is used in nearly 65% of cases according to the latest Hiscox report. However, the hunt having started in March 2020, it has, for the moment, not borne fruit. But, as the United States is among the countries most targeted by the Pysa gang, the fight is expected to continue even more intensely.
In the United States alone, there were 154 raçongware victims in November 2021, with nearly 140 organizations among them, while in mainland Europe, 96 successful attacks. The industrial sector is the most affected, while structures linked to technology have seen a 38% drop in offensives. In the meantime, don’t forget to remain particularly suspicious online, because it is often humans who are the loophole through which malware rushes.
On the same subject :
Computer or smartphone, which is more vulnerable to malware?
Sources: Digitemis
, ZD Net
1