The government of Montenegro has provided more information about the attack on its critical infrastructure saying that ransomware is responsible for the damage and disruptions.
Public Administration Minister Maras Dukaj stated on local television yesterday that behind the attack is an organized cybercrime group. The effects of the incindet continue for the tenth day.
The minister added that a “special virus” is used in this attack and there is a ransom demand of $10 million.
Dukaj also added that at this point, the state could not give an estimate of when the services will become available.
False allegations and Cuba
Previously, Dukaj himself, along with Montenegro’s Defense Minister, told local media that they had enough evidence to suspect the cyberattacks were directed by Russian services.
This gave the incident a geopolitical hue and mobilized the Balkan country’s NATO allies to help them with incident response, defense, and remediation.
The next day, though, Cuba ransomware gang listed the Parliament of Montenegro (Skupstina) as its victim and claimed to have stolen financial documents, correspondence with banks, balance sheets, tax documents, compensation, and even source code.
Cuba ransomware extortion site listing Skupstina in the free section
The data was published on the “free” section of the site, available to any visitor with no restrictions.
Cuba ransomware evolution
Cuba ransomware has demonstrated notable evolution lately. Three weeks ago, researchers spotted a novel toolset used by the gang along with previously unseen tactics, techniques, and procedures.
In June, Cuba ransomware updated its encryptor with additional options and set up a communication channel for “live victim support.”
Another notable change is observed in the group’s targeting scope. In 2021, Cuba focused heavily on U.S.-based organizations.
Comments
-
thatirish – 4 days ago
Until governments are held responsible for what their citizens do in regards to cybercrime, whether actually affiliated with their government or not, there is no end in sight.
-
GT500 – 2 days ago
Cuba has been under embargo since at least 1962. Why would they care if the rest of the world demanded they punish threat actors in their country?
https://www.state.gov/cuba-sanctions/
https://en.wikipedia.org/wiki/United_States_embargo_against_Cuba
-
Windows Repair (All In One)
Version: 4.13.1 2M+ Downloads
-
Malwarebytes Anti-Malware
Version: 4.5.12 4M+ Downloads
-
Everything Desktop Search
Version: 1.4.1.1017 21,223 Downloads
-
Zemana AntiLogger Free
Version: 1.8.2.320 51,171 Downloads
-
Zemana AntiMalware
Version: NA 302,613 Downloads
