Custom Quick Reference Information Directories
Request A Sample
GCC Blog

We hope you find our articles informative and interesting. If you'd like to receive our monthly newsletter with articles like these, please take a minute to sign up.

FBI Issues Warning of Ongoing ‘Ghost’ Ransomware Attack

March 5th, 2025 by Guest Communications

Written by: Leada Gore, al.com – Feb 24, 2025

(TNS) — The Federal Bureau of Investigation has issued a warning about an ongoing Ghost ransomware attack.

A Feb. 19 alert from the Cybersecurity and Infrastructure Security Agency and the FBI said threat actors known as “Ghost” are conducting ransomware attacks on multiple targets in more than 70 countries. Believed to be working out of China, Forbes reported the group goes by many names, including Cring, Crypt3r, Phantom, Strike, Hello, Wickrme, HsHarada and Rapture.

The group doesn’t typically use phishing techniques, a common scammer method that involves impersonating a legitimate source to prompt someone to click on a phony link or provide personal information.


Instead, Ghost uses publicly available code to exploit security vulnerabilities in software and firmware that have not been correct. Forbes said the group does this to gain access to Internet-facing servers and strike with ransomware payloads.

“Beginning early 2021, Ghost actors began attacking victims whose Internet facing services ran outdated versions of software and firmware, the FBI alert noted. “Ghost actors, located in China, conduct these widespread attacks for financial gain. Affected victims include critical infrastructure, schools and universities, healthcare, government networks, religious institutions, technology and manufacturing companies, and numerous small- and medium-sized businesses.”

Some of the ransomware files Ghost used during the attacks were Cring.exe, Ghost.exe, ElysiumO.exe, and Locker.exe.


To prevent the attacks, the FBI advises:

  • Maintain regular system backups. “Ghost ransomware victims whose backups were unaffected by the ransomware attack were often able to restore operations without needing to contact Ghost actors or pay a ransom,” the FBI alert noted.
  • Patch known vulnerabilities. This includes applying timely security updates to operating systems, software and firmware.
  • Train workers to recognize phishing attempts.
  • Identity and alert others to abnormal network activity.

You can see more technical fixes and preventatives here.

©2025 Advance Local Media LLC, Distributed by Tribune Content Agency, LLC.

This article appeared on Emergency Management News and is shared with consent: https://www.govtech.com/security/fbi-issues-warning-of-ongoing-ghost-ransomware-attack


Guide to Guest Services™
Guide to Guest Services
Fully customized vinyl information directories for your patients and their visitors. They are easy to update and easy to use.
Learn more ►
Guide to Emergency Preparedness™
Guide to Emergency Preparedness
Fully customized quick reference guides to help keep your staff prepared for emergencies.
Learn more ►
Guide to Infection Control™
Guide to Infection Control
Fully customized quick reference guide to help keep your staff prepared for safe infection prevention and control procedures.
Learn more ►
Guide Accessories and Upgrades
Accessories for your guides
Protect your investment by utilizing one of our various mounting systems.
Learn more ►
Other Popular Products
Other Popular Products
Customized products including 3-Ring Binders, Sports Memory Books, Menus, Hotel Directories, and more…
Learn more ►
HOME | PRODUCTS | TESTIMONIALS | ABOUT US | RESOURCES | CONTACT US | SITEMAP | Connect with us on LinkedIn
© 2025 GCC. All Rights Reserved. Contact the Webmaster.
Employee E-mail | News Login