Risky Bulletin

Risky Bulletin: Secret ransomware campaign targeted DrayTek routers for a year

Dec 16, 2024
A covert ransomware campaign targeting DrayTek routers has gone undetected for a year, raising alarming cybersecurity concerns. Recent layoffs at Yahoo and Amazon's security worries about Microsoft Office 365 highlight industry turbulence. The podcast also covers rising threats against media organizations and a surge in password spraying attacks. Furthermore, there's a notable decline in online scams in the Philippines and an exploration of regulatory actions affecting crypto exchanges and secure messaging services.
07:42

Podcast summary created with Snipd AI

Quick takeaways

  • A secret ransomware campaign exploiting a zero-day vulnerability in DrayTek routers demonstrates the significant risks posed by advanced persistent threats.
  • Recent layoffs in Yahoo's security team and the dismantling of the Ridox cybercrime marketplace reflect the evolving challenges in the cybersecurity landscape.

Deep dives

Ransomware Targeting DrayTek Routers

A secret ransomware campaign run by a group called Monstrous Mantis has exploited a suspected zero-day vulnerability in DrayTek routers for over a year. The group extracted router passwords and shared them with affiliates, including members connected to the notorious REvil group. Notably, the Greater Manchester Police Department in the UK confirmed that they were among the victims of this cyberattack. This highlights the ongoing risk that advanced persistent threats (APTs) pose to essential infrastructure through unpatched vulnerabilities.
