Threat Advisories

FreeWorld Ransomware Targets MSSQL Servers Facing Siege

September 7, 2023

Threat Level

Attack Report

For a detailed threat advisory, download the pdf file here

Summary

Adversaries are capitalizing on inadequately protected Microsoft SQL (MS SQL) servers in an operation known as DB#JAMMER, deploying both Cobalt Strike and a ransomware strain named FreeWorld, which appears to be a more recent iteration of the Mimic ransomware.

To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.

Unveiling The SuperBear RAT campaigns Targeting the Journalists

New Variant of Chaes Malware ‘Chae$ 4’ Targeting Financial and Logistics Sectors