The ransomware deployment is achieved by means of a PowerShell script that has also been used by the Black Basta group. CACTUS attacks also utilize Cobalt Strike and a tunneling tool referred to as Chisel for command-and-control, alongside remote monitoring and management software like AnyDesk to push files to the infected hosts.
CACTUS and Rapture are the latest additions to a long list of new ransomware families that have come to light in recent weeks. It is imperative that companies take steps to keep systems up-to-date and enforce the principle of least privilege to prevent these types of attacks.
In conclusion, CACTUS is a new ransomware strain that is exploiting VPN weaknesses to target large commercial entities. Its unique feature of self-encryption makes it harder to detect and evade antivirus and network monitoring tools. Companies should prioritize updating their systems and enforcing the principle of least privilege to prevent these types of attacks.
Author
Write something about yourself. No need to be fancy, just an overview.