all InfoSec news
Trigona Ransomware Threat Actor Uses Mimic Ransomware
Malware Analysis, News and Indicators - Latest topics malware.news
AhnLab SEcurity intelligence Center (ASEC) has recently identified a new activity of the Trigona ransomware threat actor installing Mimic ransomware. Like past cases, the recently detected attack targets MS-SQL servers and is notable for abusing the Bulk Copy Program (BCP) utility in MS-SQL servers during the malware installation process.
Trigona ransomware: Known to have been active since at least June 2022 [1]; usually targets MS-SQL servers for attacks and is still active.
Mimic ransomware: First found in …
abusing actor ahnlab asec attack bcp cases center copy installation intelligence malware malware analysis mimic ms-sql process program ransomware security security intelligence servers sql sql servers threat threat actor trigona trigona ransomware utility