Ransomware attackers are now using cloud backups to escalate their attacks.
Cloud backups are one of the goto methods for precaution against ransomware attacks. Recent research has found that these backups can now be exploited by ransomware attackers and used against you. DopplePaymer operators have recently uploaded the admin username and password of a non-paying victim, establishing that they have full access to the victim’s network.
During a ransomware attack, the hackers first try to gain access of victim’s machine by malware or phishing attacks. After attaining the access they start spreading throughout the network and gain admin credentials. If a ransomware attacker gains access to the backups, the first step shift from encrypting of files to deleting the present backup.
Users generally have an outdated local backup and after deleting their online backup the ransomware ensures that the files can not be restored without paying the ransom. Jeopardizing the most used way of precaution against ransomware, ransomware is becoming more lethal and can cause an unavoidable loss of data and money. NPAV recommends keeping multiple backups of data and always storing the updated data to local backups.
Use NPAV and join us on a mission to secure the cyber world.