A Real Pain: CACTUS Ransomware Wreaks Havoc on VPNs

June 2, 2023


Virtual private networks, more commonly known as VPNs, have long been touted as a more secure way to browse the Internet. They allow you to access the internet securely and anonymously, making it difficult for anyone to track your online activity. VPNs can also be used to bypass geo-restrictions and ISPs, allowing you to access content that may otherwise be blocked in your location. Some are paid, some are free; they all help you enjoy a secure and private browsing experience while protecting yourself from cyber threats.

How does it work? Basically, the VPN service creates an encrypted connection between your computer and the internet, allowing you to access websites, applications, and services without anyone else being able to monitor your activity.

Sounds great…but every software has its vulnerability. One malicious program is finding one in common VPNs.

CACTUS Ransomware

Circa March 2023, organizations began reporting odd behavior that was later uncovered to be CACTUS. This ransomware group as certainly entered center stage with a bang.

By compromising the VPN service directly, CACTUS can target specific networks. Since companies use VPNs to protect the transit and communication of their most private information, this nets the group serious leverage. They’re able to remotely monitor their target’s system and escalate their own privileges to carry out the attack.

Just like your VPN, CACTUS is encrypted. That makes it much harder for your antivirus and other continuous monitoring software to recognize it for what it is. This is one instance where you want your security team to pay attention themselves!

What Happens to Victims?

Quite typically for a ransomware group, the threat group behind CACTUS also employs double extortion techniques on their victims. So even if you pay the exorbitant ransom they charge, and even if they really do decrypt your information and give it back, they will then demand a second payment to stop them from publishing or selling copies of your private files.

Typically, ransomware groups don’t give your data back even if you pay! In fact, they run off with your money AND data over 90% of the time!

Much better, then, is to follow your company’s usual incident response plan when it comes to ransomware. Immediately report it to your IT team so they can enact next steps ASAP.


Ransomware has been one of the top threats to businesses of ALL sizes for years now. CACTUS is simply one example of why that trend doesn’t seem to be going away; if anything, it shows how threat actors continue to evolve trying to dart past our best defenses.

We need to be prepared for the worst! The cyber-threat landscape is getting savvier with every new defense mechanism we invent. Thus it’s critical to stay abreast of new threats so you can recognize the signs and defend your systems appropriately. CACTUS is only the latest ransomware threat to businesses today.


Most Recent Post


Our Exclusive FREE Cybersecurity Toolkit

Stay Secure with Top Free Cybersecurity Apps and Tools Recommended by PlanIT

In today’s digital age, protecting your online presence is more critical than ever. That’s why we’re excited to offer you our exclusive Cybersecurity Toolkit for FREE – to arm you with the essential tools and knowledge to safeguard your data and privacy.

Why You Need This Toolkit?

Protect Sensitive Information: Keep your personal and financial data safe from hackers and cybercriminals.

Enhance Digital Privacy: Shield your online activities from prying eyes and maintain your privacy.

Prevent Cyber Attacks: Equip yourself with the knowledge and tools to prevent and respond to cyber threats.

Peace of Mind: Enjoy the confidence that comes with knowing your digital life is secure.

Related Articles

iPhone Running Slow? Speed It up with One of These Tips

iPhone Running Slow? Speed It up with One of These Tips

Let's face it, iPhones are amazing devices. But even the sleekest, most powerful iPhone can succumb to the dreaded slowdown. Apps take forever to load and scrolling feels sluggish. Pretty soon, simple tasks become frustrating ordeals.If your iPhone has gone from...

Is Your Business Losing Money Because Employees Can’t Use Tech?

Is Your Business Losing Money Because Employees Can’t Use Tech?

Shiny new tech can be exciting! It promises increased efficiency, happier employees, and a competitive edge. It’s also necessary to stay competitive in today’s technology-driven business world.But that promise can turn into a financial nightmare if you neglect two...

10 Easy Steps to Building a Culture of Cyber Awareness

10 Easy Steps to Building a Culture of Cyber Awareness

Cyberattacks are a constant threat in today's digital world. Phishing emails, malware downloads, and data breaches. They can cripple businesses and devastate personal lives.Employee error is the reason many threats get introduced to a business network. A lack of...