Ransomware gang creates tool to automate VPN brute-force attacks

Ransomware gang creates tool to automate VPN brute-force attacks
Summary: The Black Basta ransomware operation has developed an automated brute-forcing tool named β€˜BRUTED’ that targets edge networking devices such as firewalls and VPNs. This framework enhances their ransomware attacks by providing streamlined access to vulnerable endpoints, with reports of increased credential-stuffing attacks throughout 2024. The tool has been designed to evade detection while significantly increasing attack efficiency on various remote-access products.

Affected: Edge Networking Devices (VPNs, Firewalls, etc.)

Keypoints :

  • BRUTED automates credential stuffing and brute-force attacks on multiple VPN and remote-access products.
  • The tool enumerates and targets publicly accessible devices, enhancing efficiency in identifying vulnerabilities.
  • Defensive measures include enforcing strong passwords, using multi-factor authentication (MFA), and monitoring suspicious login attempts.

Source: https://www.bleepingcomputer.com/news/security/black-basta-ransomware-creates-automated-tool-to-brute-force-vpns/