February 8, 2017 by

Russian Hackers Behind Ransomware Targeting U.S. Police, Says Acronis

According to data-protection specialist Acronis International, Russian hackers are likely to be behind a new strain of ransomware that recently targeted and attacked a Texas police department.

Named “Osiris”, taking after the Egyptian god of the afterlife, the new strain of ransomware spreads via cloud services and perpetuates itself in corporate computer networks sans detection. The ransomware can also spread to other organizations’ networks through customer-relationship management systems.

Speaking to Bloomberg, Acronis vice-president Nikolay Grebennikov stated:

Certain terms used in the malware coding indicate traces of Russian-speaking programmers behind it.

One of the phrases embedded in the code refers to Cheburashka and Gena, two cartoon characters from the bygone Soviet-era.

Osiris is frequently seen distributed via spam emails that typically come with the headings “Invoice” or “Order Confirmation”. In the attachment of the email, the bug is delivered as the payload. When triggered, Osiris adds the .osiris extension to encrypt files before demanding up to $100,000 in bitcoins as ransom to decrypt the data.

Last month, a Texas police department lost evidence accumulated over eight years due to an attack by Osiris, which was named by cybersecurity firm McAfee Inc., as one of the main malware threats of 2017. The police decided against paying the ransom demand of $4,000 in bitcoin.

 Upon discovery that files on their server had been corrupted by a computer virus, the server and all computers at the Cockrell Hill Police Department was disconnected from the internet. While the ransomware was contained, the FBI Cybercrimes unit who were called in to assist the police department, recommended a complete wipe of the virus from servers after isolating them.

All Microsoft Office Suite documents including word documents and excel files, body camera video, in-car video, in-house surveillance video and photographs that were stored on the server were all corrupted and lost, according to a press release by the police department.

Image credit: Pexels.

About the author

Image of Author

LIFARS is a digital forensics and cybersecurity intelligence firm based in New York City. LIFARS is ranked as one of the top Digital Forensics and Cyber Investigations companies in 2016 and as one of the top cybersecurity companies in the New York metropolitan area for 2015 on the Cybersecurity 500 – a directory of the hottest and most innovative companies to watch in the cybersecurity industry.

Related articles

26% of Ransomware Attacks Target Corporate Businesses

New research from Kaspersky Lab has revealed that the number of ransomware attacks targeting...

Read more arrow_forward

Ransomware Payments to Hit a Record $2 Billion in 2017: Research

According to new research from a cybersecurity firm, ransomware payments will hit a high of $2...

Read more arrow_forward

UK Govt Blames North Korea for WannaCry Ransomware CyberAttack

  The UK government has blamed North Korea for WannaCry - the comprehensive ransomware...

Read more arrow_forward