Skip to main content

New Zeppelin Ransomware Brings Companies To A Halt

By December 23, 2019May 9th, 2022Cybersecurity

Researchers at BlackBerry Cylance have discovered a new and dangerous strain of ransomware in the wild dubbed “Zeppelin”.

It has been used to target small numbers of healthcare and technology-related companies in the US, Canada and Europe in recent weeks. An analysis of the code reveals that Zeppelin is related to, but distinct from the VegaLocker ransomware family.

The code has been heavily modified and enhanced though, to the point that the researchers felt confident in calling it a brand-new strain.

The new threat is primarily spread in supply-chain attacks via Managed Security Service Providers, which makes it functionally similar to the Sodinokibi ransomware family.  Of interest, the code is incredibly configurable. Researchers surmise that it’s being offered in underground forums as a “Software as Service,” with third-party hackers paying for the right to use it, then customizing it to their needs.

Zeppelin was first compiled in early November 2019, and since that time, it has been used on a limited basis against what the researchers describe as “a few carefully selected targets”.

They also had this to say about their recent discovery:

“There seem to be a limited number of victims, and we haven’t seen the malware being used in any wide-spread distribution campaign so far, therefore it looks like the threat actors are rather careful in whom they are targeting…one of the possibilities is that the campaign didn’t yet fully take off and the current victims are only the ‘patient zero’ in some kind of test run.

The advice is the same as always: use a comprehensive security solution, maintain up-to-date operating systems, perform regular backups – and keep them on mediums that are usually disconnected from the network, educate your personnel on basic security guidelines, stay cautious and vigilant.”

It’s very good advice.  Although not yet widespread, Zeppelin poses a serious threat indeed.

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over the past 20 years. He believes that having a great work environment and supportive team, is the ultimate key to success. Since being in the IT realm for over 25 years, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his Bachelor Degree in Information Systems from the New Jersey Institute of Technology. He also holds certifications in Microsoft MCSE, VMWare VCP, and Cisco CCNA. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.