Mole02 Ransomware Campaign Hits at Least One Victim in NJ

A new version of CryptFile2, dubbed Mole02, uses malicious advertisements displayed on websites to redirect victims to the Stegano exploit kit that delivers the ransomware payload. The NJCCIC is aware of at least one New Jersey-based victim and has obtained a sample of the malware, confirming the attack vector as well as other indicators of compromise, which can be found on our Ransomware Threat Profile. The NJCCIC recommends proactively blocking access to the associated IP addresses, running up-to-date antivirus software, using ad-blocking software or browser extensions, applying the Principle of Least Privilege to all user accounts, and implementing a robust data backup and restoration plan.