The FBI identified HelloKitty as a ransomware operation in January 2021; however, new data indicates the group has been active since as early as November 2020.
The group is well known for breaking into and encrypting CD Projekt Red’s networks in February and claiming to have stolen the source code for Cyberpunk 2077, Witcher 3, Gwent, and other titles.
The FBI issued a flash notice to private industry partners, alerting them that the HelloKitty ransomware gang (also known as FiveHands) has added distributed denial-of-service (DDoS) attacks to its arsenal of extortion tools.
In a Friday notice coordinated with the Cybersecurity and Infrastructure Security Agency (CISA), the FBI said the ransomware group would use DDoS attacks to take down its victims’ official websites if they didn’t pay the ransom.
The FBI first observed Hello Kitty/FiveHands ransomware in January 2021. Hello Kitty/FiveHands actors aggressively apply pressure to victims typically using the double extortion technique. In some cases, if the victim does not respond quickly or does not pay the ransom, the threat actors will launch a Distributed Denial of Service (DDoS) attack on the victim company’s public facing website. Hello