Ransomware
NetWalker
First seen: 2019-08 • Status: disrupted
Disrupted by Law Enforcement
NetWalker attacked hospitals during COVID-19. The FBI shut it down and arrested people involved, recovering some ransom payments.
Overview
NetWalker was a ransomware-as-a-service that targeted healthcare and education. The FBI disrupted it in 2021 and arrested a Canadian affiliate.
Also Known As
Mailto
How It Spreads
- • Phishing
- • RDP exploitation
- • VPN vulnerabilities
What It Does
- • File encryption
- • Data theft
- • Double extortion
Is your business exposed?
Target Platforms
Windows
Detection Tips
- • Monitor for NetWalker signatures
- • Watch for fileless techniques
MITRE ATT&CK Techniques
T1486, T1567
If You're Infected
- 1.
Isolate infected systems
- 2.
Report to FBI
Is your business exposed?
Check if your company data is circulating on the dark web
Free scan • No credit card required