Malicious software gains unauthorized access to enterprise infrastructure through a VPN, bypassing multi-factor authentication. Subsequently, confidential data is stolen and access to the system is blocked, with a ransom demand displayed on the screen, utilizing Bitcoin as the payment method. This has resulted in scammers obtaining over $42 million and impacting more than 250 companies.
The initial attacks targeted Windows-based computer systems, but investigators later identified a Linux version of the malicious software. According to reports, the financial impact of such scams increased by 53% to $3.94 billion in 2023, with the FBI noting that most of the scams were related to promises of high profits from investments in digital assets, accounting for 86% of losses from investment fraud in the United States.