Starting around the end of July 2020, Mount Locker began breaching corporate networks. Mount Locker uses ChaCha20 to encrypt the files and an embedded RSA-2048 public key to encrypt the encryption key.
Incidents Associated with this Threat
- November 3, 2020: System Outage at Miltenyi Biotec after Ransomware Attack
- August 11, 2020: Thyssenkrupp System Engineering Group Target of Ransomware Attack
Malware Used by this Threat Actor
No malware identified for this threat actor.