Megazord, a Rust-coded ransomware, has been mainly attacking healthcare and government entities. Initial access to these entities comes from spear-phishing and exploiting vulnerabilities. The ransomware uses RDP and IP scanners for detection and, on compromise, proceeds to encrypt files and terminate processes. The encrypted files get a “POWERRANGES” extension, and victims are directed to a unique Telegram channel for contact. Megazord also shares code similarities with Akira ransomware.
Fred Hutch notifies more patients of November 2023 attack
In December 2023, a cyberattack hit the Fred Hutchinson Cancer Center (Fred Hutch), resulting in the exfiltration of patient data and attempted extortion. Threat actors,
