SnapMC can breach systems and issue threats within the time it takes to install a software update.
SnapMC, a new cyber threat group, has emerged that skips ransomware and goes from breach to ransom in 30 minutes.
In less time than it takes to grab lunch, SnapMC can breach an organization’s systems, steal their sensitive data, and demand payment to keep it from being published, according to a new report from NCC Group’s threat intelligence team. No ransomware is required.
NCC Group hasn’t yet been able to link SnapMC to any known threat actors. The name SnapMC is derived from the actor’s rapid attacks and the exfiltration tool it uses, mc.exe.
The extortion emails from SnapMC give victims 24 hours to get in contact and 72 hours to negotiate, according to NCC Group. Furthermore, this actor starts increasing the pressure well before countdown hits zero.
SnapMC includes a list of the stolen data as evidence that they have had access to in the victim’s infrastructure. If the organization doesn’t respond or negotiate within the given time frame, the actor threatens to publish the data. Or worse, it immediately publishes the stolen data, and informs the victim’s customers and various media outlets.
Channel Futures: How is SnapMC different from typical ransomware attacks?
Srinivas Mukkamala: The primary difference between SnapMC and typical ransomware attacks are the tactics they are adopting and their focus on the vulnerabilities they travel that provide remote access with elevated privileges for them to access data and exfiltrate.
Raghu Nandakumara: SnapMC is squarely a theft-only attack, where attackers steal something valuable and require payment to return it. And they differentiate themselves from advanced persistent threats (APTs) because they strike with speed, rather than a low-and-slow approach. Unlike typical ransomware threat groups, SnapMC skips the ransom and goes straight to extortion, meaning that threat actors can breach systems and issue threats during the time it takes for most people to install a software update, or go on a walk.
See our slideshow above for more on SnapMC and more cybersecurity news.
Salesforce’s Tiffani Bova on How to Grow Sales in 2022
How to Unlock Your Channel Potential in the New Year
Agent Commissions at Risk: Here’s How You Can Fight It
Pax8: Cloud Spending Not Slowing Down in the New Year
SolarWinds Hires HP, NetApp Vet as VP of Partner Sales
Armis Funding Round Pushes Company’s Valuation to $3.4 Billion
Microsoft Releases Teams Essentials Aimed at Small Businesses
Juniper Networks Introduces New Elite Plus Tier in New Look Partner Program
Please log in again. The login page will open in a new tab. After logging in you can close it and return to this page.