A United States government agency has issued a warning about Trinity ransomware, which extorts cryptocurrency from its victims in exchange for keeping their data confidential.

Threat Description

On October 4, the United States Health Sector Cybersecurity Coordination Center (HC3) published an in-depth profile of Trinity ransomware. The attacks utilize phishing emails, malicious websites, and software vulnerabilities to propagate the malware, which then searches for and encrypts sensitive information.

Ransom Demands

After encrypting victims’ data, the ransomware leaves a note demanding a cryptocurrency ransom within 24 hours, threatening to leak the data otherwise. HC3 highlights that no decryption tools are currently available for Trinity, posing a severe challenge for victims.

Ransomware Economy in 2023

According to Chainalysis’ 2024 report, high-profile institutions paid around $1.1 billion in crypto to ransomware attackers in 2023. These attacks involved a range of criminal groups.

The rise of cyber threats associated with ransomware underscores the need for enhanced security measures, particularly in critical sectors.