New SystemBC Variant is a Prelude to Ryuk Ransomware

released on 2021-05-11 @ 05:28:40 PM
In late February 2021, F-Secure’s Managed Detection and Response (MDR) service identified the execution of SystemBC malware as part of a hands-on-keyboard crimeware intrusion. The intrusion was stopped before the threat actor could reach their objective, but in recent reporting the use of this malware has been tied to ransomware activity. F-Secure was also able to identify another recent intrusion conducted by the threat actor where they had deployed Ryuk ransomware.

F-Secure’s analysis of the SystemBC sample identified that this was a new variant of the malware, with several notable differences from previous versions. The sample was executed by a previously undocumented “wrapper”, which F-Secure’s research suggests has been used in combination with multiple malware families common in crimeware intrusions.