The U.S. Cybersecurity and Infrastructure Security Agency and the FBI issued a joint warning Aug. 11 about Zeppelin ransomware, which is being used to target healthcare organizations and medical industries.
Five things to know about Zeppelin:
- Zeppelin ransomware is a variant of Vega malware and has been used in attacks on critical infrastructure organizations since 2019.
- Zeppelin hackers have been known to request ransom payments in Bitcoin, with initial amounts ranging from several thousand dollars to over a million dollars.
- Zeppelin hackers threaten to publish or sell stolen data from the entities if the victim refuses to pay the ransom.
- The hackers spend one to two weeks inside victims' networks before deploying their ransomware.
- Zeppelin hackers gain access to systems by using vulnerabilities in SonicWall firewalls and phishing emails.