NEW

3 Cybersecurity Predictions for 2025

Arrow pointing right
ExtraHop Logo
Try RevealX™
Menu iconX icon
  • Productschevron right
  • Solutionschevron right
  • Why ExtraHopchevron right
  • Blogchevron right
  • Resourceschevron right
Sign In
Contact Us

How ExtraHop NDR Detects HardBit 2.0 Ransomware (Video)

Share blog icon

Back to top

Back to top

March 9, 2023

How ExtraHop NDR Detects HardBit 2.0 Ransomware (Video)

HardBit ransomware is ransomware as a service (RaaS) that was first observed in October 2022. By November, the threat had moved to version 2.0, which continues to use similar tactics, techniques, and procedures (TTPs) that allow many threat actors to evade endpoint detection and gain access to the network. However, this new version appears to also use a new tactic by targeting organizations with cybersecurity insurance. This new tactic allows attackers to negotiate a higher payout, assuring the victim that it’s in their best interest to have the insurer cover their ransomware demands.

Watch this short video with ExtraHop expert Josh Snow as he guides you through a HardBit ransomware attack, from initial access to how it gathers information, to how it overwrites and replaces content with encrypted data. He explains how network detection and response (NDR) from ExtraHop Reveal(x) 360 can detect this attack at a variety of stages, from initial access and reconnaissance, to data encryption and beyond. Josh also shows how Reveal(x) 360 detects lateral movement, including new or unusual Windows Management Instrumentation (WMI) processes, remote registry modification, suspicious SMB/CIFS file activity, and more attacker activities.

Discover more

blog image
Blog author

ExtraHop is on a mission to arm security teams to confront active threats and stop breaches. Our RevealX™ 360 platform, powered by cloud-scale AI, covertly decrypts and analyzes all cloud and network traffic in real time to eliminate blind spots and detect threats that other tools miss. Sophisticated machine learning models are applied to petabytes of telemetry collected continuously, helping ExtraHop customers to identify suspicious behavior and secure over 15 million IT assets, 2 million POS systems, and 50 million patient records. ExtraHop is a market share leader in network detection and response with 30 recent industry awards including Forbes AI 50, Cybercrime Ransomware 25, and SC Media Security Innovator.

Learn more at our About Us page.

Share
LinkedIn logoX logoFacebook logo

Explore related articles

Detecting Black Basta Ransomware with ExtraHop NDR (Video)

February 9, 2023

Watch ExtraHop expert Josh Snow explain how Reveal(x) 360 can detect and prevent Black Basta ransomware before it causes damage.

Security ThreatsRansomwareCybersecurityHow-ToZero TrustProducts
Read articleArrow pointing right

How Reveal(x) Network Detection & Response Makes MITRE ATT&CK Easier

July 2, 2020

Network detection and response (NDR) is a vital tool for broad, deep MITRE ATT&CK Framework coverage. This short post and three minute video shows how Reveal(x) integrates MITRE ATT&CK into threat investigations.

CybersecurityIndustry TrendsSecurity FrameworksSecurity Threats
Read articleArrow pointing right

Threat Investigation Speed Run with ExtraHop Reveal(x)

March 2, 2020

Watch the 2-minute video to see how quickly security teams can detect, investigate, and resolve a threat like ransomware using ExtraHop Reveal(x).

CybersecuritySecurity ThreatsRevealX
Read articleArrow pointing right

Experience RevealX NDR for Yourself

Schedule a demo
Contact us