February 20, 2025 By Pierluigi Paganini
NailaoLocker ransomware is a new threat that targeted European healthcare organizations from June to October 2024.
Orange Cyberdefense CERT uncovered a malware campaign, tracked as The Green Nailao campaign, that targeted European organizations, including healthcare, in late 2024, using ShadowPad, PlugX, and the previously undocumented NailaoLocker ransomware.
The Orange Cyberdefense CERT investigated four attackers with a similar initial access vector consisting of the compromise of a Check Point VPN appliance.
The experts believe threat actors exploited the zero-day CVE-2024-24919 in Check Point Security Gateways with Remote Access VPN or Mobile Access features.