The FBI has issued a warning about the ongoing Ghost ransomware attack, which is affecting multiple targets in over 70 countries. The threat actors, believed to be based in China, use publicly available code to exploit security vulnerabilities in software and firmware. Unlike typical phishing scams, Ghost actors focus on exploiting outdated systems.
The FBI alert states that the attacks began early 2021, targeting victims with outdated internet-facing services. Affected areas include critical infrastructure, schools, healthcare, government networks, and businesses of all sizes. The ransomware files used during the attacks were Cring.exe, Ghost.exe, ElysiumO.exe, and Locker.exe.
To prevent these attacks, the FBI advises maintaining regular system backups, patching known vulnerabilities, training workers to recognize phishing attempts, identifying abnormal network activity, and taking additional technical measures to prevent future attacks.
Source: https://www.al.com/news/2025/02/fbi-warns-a-cyber-attack-under-way-and-you-should-back-up-your-data.html