Vice Society Is Joining the PrintNightmare Attacks
Microsoft released a patch designed to fix the PrintNightmare situation, but unfortunately, it didn’t effectively deal with the problem. Now, Vice Society, another known ransomware gang, is joining in on the attacks.
— Craig Williams (@security_craig) August 12, 2021
Apparently, Vice Society ransomware operators used two print spooler exploits to deploy a malicious DLL, as observed by Cisco Talos researchers and spotted by BleepingComputer.
Vice Society’s ransomware can encrypt both Windows and Linux systems with OpenSSL. Typically, Vice Society targets victims in human-operated double-extortion attacks. It has previously targeted public school districts and other educational institutions, but that doesn’t mean that’ll remain the gang’s focus.
Additionally, The Conti and Magniber ransomware gangs are exploiting the PrintNightmare situation, creating even more problems. The more groups who end up exploiting the PrintNightmare vulnerability, the more dangerous it becomes.
According to Cisco Talos, “Multiple distinct threat actors are now taking advantage of PrintNightmare, and this adoption will likely continue to increase as long as it is effective.”
Basically, this means that PrintNightmare is becoming more dangerous, and it’ll continue to be a problem as more groups figure out ways to use it.
What Does This Mean For You?
As always, this serves as a reminder to be careful what you do online. There are a lot of malicious individuals out there looking to take advantage of vulnerabilities like PrintNightmare. Make sure to keep Windows updated, as Microsoft will continue to release patches.
RELATED: Want to Survive Ransomware? Here’s How to Protect Your PC