Doubleface
By |Published On: August 23rd, 2024|2 min read|Categories: Dark Web, Data Exfiltration, Ransomware|

The group behind Doubleface ransomware has recently attacked the website of Donetsk International Airport, demonstrating its capability to execute high-profile cyberattacks.

Key Features and Pricing

Doubleface ransomware uses the C/C++ programming language. It also employs AES-128 and RSA-4096 encryption algorithms.

According to the seller, Doubleface ransomware is undetected by most major antivirus programs like Windows 10/11 Defender, Avast, Kaspersky and AVG. Its unpredictable behavior lets it bypass existing cybersecurity defenses.

Unlike some ransomware variants, Doubleface does not require a stub. But attackers must be careful in the management of the decryption key, because the wrong key will destroy all encrypted files.

The ransomware can work independently of an internet connection or network. It supports evasion of virtual machines, debugging tools and sandbox environments. These stealth features make it difficult to detect and mitigate.

This ransomware costs USD 500 per copy and can be bought in bulk. Also available for USD 10,000 is the complete source code for the ransomware. That opens up the code for cybercriminals to take it and perhaps modify it for their own purposes/purposes.

Notable Incidents

The group behind Doubleface ransomware is said to have attacked the website of Donetsk International Airport on August 10, 2024. This suggests that they might be involved in important or politically driven attacks.

Doubleface post airport takedown

Image: Doubleface posting their airport takedown on a messaging application

Secure Your Organization With BlackFog

The recent attack by the Doubleface ransomware at Donetsk Airport shows that we need stronger protection for important systems. Ransomware locks files, stopping people from using them until the attackers get paid. But paying them only makes them attack more.

BlackFog’s ADX solution prevents cyberattacks including ransomware and crucially stops data exfiltration attempts in real-time. It constantly watches network activity and quickly stops any unauthorized copying or stealing of data as it happens, 24/7, without the need for human interaction. This stops files from being locked in the first place.

Click here to learn more about how BlackFog can protect your business.

Share This Story, Choose Your Platform!

Related Posts

  • Big Game Hunting Rise

Big Game Hunting is on the Rise in Cybercrime

October 9th, 2024|

Big game hunting in cybercrime refers to attacks where cybercriminals target large organizations with the goal of demanding hefty ransoms. This article explores the tactics used in these attacks, provides real-world examples, and explains why this form of cybercrime is becoming increasingly common.

  • How ADX is implemented by BlackFog

TAG Blog Series 3 – How ADX is Integrated by BlackFog

September 30th, 2024|

Integrating Anti Data Exfiltration (ADX) solutions is essential for enterprise cybersecurity. This article examines how BlackFog's ADX enhances existing technologies by focusing on prevention and the shift-left paradigm. It illustrates ADX's effectiveness against ransomware and its support for modern managed security service providers, demonstrating how ADX integration creates a comprehensive security solution.

  • Data Exfiltration Extortion

Data Exfiltration Extortion Now Averages $5.21 Million According to IBM’s Report

September 23rd, 2024|

According to IBM's 2024 Data Breach Report, the financial toll of data exfiltration extortion has surged, with the average cost now reaching $5.21 million per incident. This alarming trend highlights the growing sophistication of cybercriminals and the increasing financial risks organizations face when sensitive data is compromised. As data breaches continue to escalate, businesses must prioritize robust cybersecurity measures to mitigate these costly threats.