Royal malware with royal ransom demands.
The US Cybersecurity and Infrastructure Security Agency (CISA) said cybercriminals used a variant of the Royal ransomware to attack more than 100 US and international organizations.
Once inside the target's system, the hackers disable the antivirus software and steal large amounts of data before deploying the Royal ransomware. CISA believes that the Royal malware is based on the Zeon malware that is associated with the Conti syndicate.
The Royal hackers demanded ransoms of between $1 million and $11 million in bitcoin. Notably, the cybercriminals did not include ransom amounts or payment instructions in the ransom note. Instead, they demanded that the victims interact with them directly.
On December 1, 2022, Royal claimed responsibility for a cyberattack on telecommunications company Intrado. According to experts, the attackers demanded a $60 million ransom.