Attacks were carried out on the data storage systems of universities. After the attacks, it was not possible to recover the data.
DeadBolt is a ransomware that attacks mainly small and medium—sized businesses, designed to encrypt databases. Moreover, the virus operators demand a ransom not only from users, but also from equipment manufacturers for technical information about the vulnerability that they used during the attack.
It is noted that there are 3.6 thousand devices in the world that were attacked by DeadBolt.
“Group-IB criminologists have successfully analyzed a sample of the DeadBolt ransomware program obtained during one of the reactions in Russia. Small and medium-sized businesses are most often victims of ransomware, but Group—IB experts are aware of several cases of attacks on leading Russian universities,” Group-IB reported.