US warns about Trinity ransomware on crypto market

The Trinity ransomware has affected at least one health-care entity in the United States, according to the United States Health Sector Cybersecurity Coordination Centre.

A United States government agency has issued a warning about Trinity ransomware, which is known for extorting cryptocurrency from its victims in exchange for not disclosing data that has been accessed through multiple attack vectors.

On October 4, the US Health Sector Cybersecurity Coordination Centre (HC3) released a profile of Trinity ransomware, a threat actor that targets sensitive data. To trick victims into installing the ransomware on their computers, the attackers use deceptive emails, malicious websites, and software vulnerabilities.

Next, the ransomware searches the computer for sensitive information, collects it, and transmits it to the attackers. It also encrypts the victim’s files using an algorithm, rendering them unusable.

The ransomware generates a note after encrypting the files, informing its victims that it has extracted and encrypted their data. The note demands payment in exchange for a decryption key.

The note also informs victims that they have 24 hours to pay in cryptocurrency or their data will be compromised. HC3 wrote:

“Failure to notify the perpetrators within 24 hours will result in the theft or sale of the stolen data. Regrettably, Trinity ransomware is currently unsupported by any known decryption tools, which presents victims with limited alternatives.”

Health-care providers are among the critical infrastructure that Trinity ransomware targets, according to HC3. The agency said the ransomware has affected seven organizations and has recently infiltrated at least one healthcare entity in the United States.

In 2023, high-profile institutions and infrastructure paid approximately $1.1 billion in cryptocurrency to ransomware perpetrators, according to Chainalysis’ 2024 Crypto Crime Report. The report stated that a variety of actors, including individuals, minor criminal groups, and large-scale syndicates, conducted attacks last year.

In 2023, 538 new ransomware variants were developed, according to the report. Additionally, prominent organizations such as the BBC and British Airways were targeted.
