The FBI reported that Play ransomware groups have compromised over 900 organizations, using advanced double-extortion techniques. Their intrusions include exploiting unpatched vulnerabilities in remote-access tools like SimpleHelp and old bugs in systems such as FortiOS. Play ransomware is known for leaving initial ransom amounts out of its notes and instead prompting victims to initiate contact via email. The criminals also employ psychological manipulation by calling victims directly and threatening to release data if demands are not met. Organizations are urged to bolster defenses against this ongoing threat.
"Ransom notes do not include an initial ransom demand or payment instructions; rather, victims are instructed to contact the threat actors via email."
"Play operators regularly call their victims and threaten to release their stolen data if they don't pay up."