February 8, 2017

Russian Hackers Behind Ransomware Targeting U.S. Police, Says Acronis

According to data-protection specialist Acronis International, Russian hackers are likely to be behind a new strain of ransomware that recently targeted and attacked a Texas police department.

Named “Osiris” after the Egyptian god of the afterlife, the new strain of ransomware spreads via cloud services and perpetuates itself in corporate computer networks without being detected. The ransomware can also spread to other organizations’ networks through customer-relationship management systems.

Speaking to Bloomberg, Acronis vice-president Nikolay Grebennikov stated:

Certain terms used in the malware coding indicate traces of Russian-speaking programmers behind it.

One of the phrases embedded in the code refers to Cheburashka and Gena, two cartoon characters from the Soviet era.

Osiris is frequently distributed via spam emails that typically carry the subject lines “Invoice” or “Order Confirmation”. The ransomware is delivered as the payload in the email's attachment. When triggered, Osiris encrypts files and appends the .osiris extension to them before demanding up to $100,000 in bitcoins as ransom to decrypt the data.

Last month, a Texas police department lost evidence accumulated over eight years due to an attack by Osiris, which cybersecurity firm McAfee Inc. named as one of the main malware threats of 2017. The police decided against paying the ransom demand of $4,000 in bitcoin.

Upon discovery that files on their server had been corrupted by a computer virus, the server and all computers at the Cockrell Hill Police Department were disconnected from the internet. While the ransomware was contained, the FBI Cybercrimes unit, which was called in to assist the police department, recommended a complete wipe of the virus from servers after isolating them.

All Microsoft Office Suite documents, including Word documents and Excel files, as well as body camera video, in-car video, in-house surveillance video and photographs stored on the server, were corrupted and lost, according to a press release by the police department.


About the author


LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagement experience while providing a strategic and integrated array of services to minimize risk and disruption while protecting your brand.
