Eldorado

Winsage
July 10, 2024
- Eldorado ransomware attacks have significantly increased, targeting various industries with cross-platform encryption operations. - Affiliates of Eldorado ransomware are actively seeking skilled partners on RAMP ransomware forums, posing a threat to users, especially those on Linux servers. - RAMP forum has promoted 60% of new RaaS programs between 2022 and 2023, indicating a growing demand for skilled affiliates in the ransomware landscape. - Eldorado ransomware utilizes advanced encryption algorithms on Windows and Linux platforms, leveraging SMB protocol to encrypt large files on victim networks. - Until June 2024, Eldorado ransomware attacks have targeted 16 companies across different countries and industries, with the US being the most affected.
Winsage
July 10, 2024
Eldorado ransomware is a sophisticated Ransomware-as-a-Service (RaaS) that targets both Windows and Linux operating systems using advanced encryption techniques such as Chacha20 and RSA-OAEP. The malware has the ability to spread through shared networks and infect removable media like USB drives. Affiliates recruited by cyber-criminals through underground forums can customize attacks to specific target networks or organizations. As of June 2024, Eldorado has targeted numerous companies across various industries worldwide. Implementing multi-factor authentication, endpoint detection and response solutions, regular data backups, timely patching, and continuous employee training is crucial to defend against ransomware attacks.
Search