New Defray Ransomware Targeting US and UK Healthcare, Education, Manufacturing and Tech Sectors - IBT

An important article by India Ashok, entitled "New Defray ransomware demands $5,000 from US and UK victims in highly customised attacks", appeared on August 26 on the International Business Times website. It identified a form of ransomware that, according to Ashok, "is using highly customised phishing emails to go after specific targets. Defray, unlike other ransomware variants, is demanding a relatively higher ransom amount - $5,000 in bitcoins from its victims."



Of critical importance to healthcare and to public and private sector enterprises, the article continued: "The Defray ransomware is being spread via malicious Microsoft Word document attachments embedded in phishing emails. The ransomware has been named after its C&C server. Coincidentally, the word defray also means 'to provide money to pay a portion of a cost or expense.'" Ashok credited Proofpoint with Defray's discovery: "Proofpoint researchers, who uncovered Defray's campaign, say that in two separate phishing campaigns, detected on 15 August and 22 August respectively, the cybercriminals operating the ransomware were found using official logos of hospitals and businesses, to trick users into opening malware-laced email attachments." This, of course, places this new malicious "intruder" even closer to day-to-day functions, in content more readily opened by employees, volunteers, and others in all organizational roles and at all levels.

Derive Technologies currently delivers a complete cybersecurity solution portfolio with our strategic alliance partners, including Microsoft, Hewlett Packard Enterprise, Cisco, HP, Inc., and more (including providers to healthcare, education and other specific vertical industries). From policy to business data, from the desktop to the data center, Derive offers protection from malicious attacks for the complete business network, so that malware and other threats can be detected, contained, and/or removed. This includes continuous development of protections and removal strategies for all new forms of malware.

Contact Derive

Please contact a Derive Technologies Security Specialist by calling (212) 363-1111, or by completing the form on this page (please specify "Derive Ransomware Protection" in the form's comments).