Be on the Lookout for Cactus Ransomware!

A new ransomware operation called Cactus is exploiting vulnerabilities in VPN appliances, network devices with enhanced security features, to access the networks of large businesses. Cactus has been active since March and is looking for big payouts, inferred to be in the millions, from its victims. Researchers at Kroll, a corporate investigation and risk consulting firm, believe that Cactus obtains initial access to the victim’s network by exploiting known vulnerabilities in Fortinet VPN appliances. What sets Cactus apart from other operations is how it uses encryption. “Cactus essentially encrypts itself, making it harder to detect and helping it evade antivirus and network monitoring tools,” said Laurie Iacono, Associate Managing Director for Cyber Risk at Kroll.


The malware uses multiple extensions for the files it targets. Running in quick and normal mode consecutively, it encrypts the same file twice and appends a new extension after each pass. Once the attackers are in the network, a batch script is run that uninstalls the most commonly used antivirus products. Cactus follows the standard double extortion approach by stealing data before encrypting it. Although the operators haven’t set up a leak site, they do threaten victims with publishing the stolen files unless they get paid. Applying the latest software updates, monitoring the network for large data exfiltration tasks and responding quickly will protect your network from the final, most damaging stages of a ransomware attack.
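The double-pass behavior described above (the same file encrypted twice, with a new extension appended each time) leaves a recognizable trail in file-rename telemetry. The sketch below is an added example, not code from Kroll or the original article; the event format, the sample paths and extensions, and the `window` and `min_files` thresholds are all constructed assumptions.

```python
# Constructed sample rename events: (epoch seconds, old path, new path).
# The ".aaa1"/".aaa7" extensions are placeholders, not real indicators.
SAMPLE_EVENTS = [
    (100, "/srv/share/q1.xlsx", "/srv/share/q1.xlsx.aaa1"),
    (101, "/srv/share/notes.txt", "/srv/share/notes.txt.aaa1"),
    (130, "/srv/share/q1.xlsx.aaa1", "/srv/share/q1.xlsx.aaa1.aaa7"),
    (131, "/srv/share/notes.txt.aaa1", "/srv/share/notes.txt.aaa1.aaa7"),
    (140, "/home/al/draft.doc", "/home/al/draft.doc.bak"),  # benign single append
    (150, "/home/al/old.log", "/home/al/new.log"),          # benign plain rename
]


def appended_extension(old, new):
    """Return the suffix if `new` is `old` plus one appended extension, else None."""
    if new.startswith(old + "."):
        suffix = new[len(old) + 1:]
        if suffix and "." not in suffix and "/" not in suffix:
            return suffix
    return None


def find_double_appends(events, window=300):
    """Map original path -> appended extensions, for files that gained two
    or more appended extensions within `window` seconds."""
    chains = {}  # current path -> (original path, first timestamp, extensions)
    for ts, old, new in sorted(events):
        ext = appended_extension(old, new)
        if ext is None:
            chains.pop(old, None)  # ordinary rename breaks any chain
            continue
        origin, first_ts, exts = chains.pop(old, (old, ts, []))
        if ts - first_ts > window:  # too slow to be one encryption run
            origin, first_ts, exts = old, ts, []
        chains[new] = (origin, first_ts, exts + [ext])
    return {o: e for o, _, e in chains.values() if len(e) >= 2}


def alert(events, min_files=2, window=300):
    """Report only when several files show the pattern, to limit false positives."""
    hits = find_double_appends(events, window)
    return hits if len(hits) >= min_files else {}


if __name__ == "__main__":
    for path, exts in alert(SAMPLE_EVENTS).items():
        print(f"double-append pattern: {path} -> {'.'.join(exts)}")
```

A single appended extension (a `.bak` copy, for instance) is common in normal use, which is why the heuristic keys on the second append and on several files showing it together.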
