Finds Angler servers at a Dallas hosting provider during research Credit: Thinkstock Cisco this week says it disabled a distributor of the Angler ransomware exploit kit, a program that holds victim machines hostage via encryption.The catch disrupted a global ransomware operation that netted $60 million annually for the perpetrators, Cisco states in a blog post.+MORE ON NETWORK WORLD: Jane Austen lets the boogie man in: Cisco report+During research, Cisco’s Talos security unit discovered that computers infected with the Angler Exploit Kit were connecting to servers at Limestone Networks, a Dallas hosting provider. Angler encrypts victim machines until the victims pay a sum – a ransom — to have them decrypted. Limestone worked with Talos to deliver previously unknown insight into Angler’s data flow, management, and scale. Cisco also collaborated with Level 3 Communications and OpenDNS, a company it is acquiring, to learn more about the activity and devise a defense.According to the blog, Cisco shut down access for customers by updating products to stop redirects to the Angler proxy servers. The company also released Snort rules to detect and block checks from the health checks, and published protocols and other information so service providers and their customers can protect themselves. “This is a significant blow to the emerging hacker economy where ransomware and the black market sale of stolen IP, credit card info and personally identifiable information are generating hundreds of millions of dollars annually,” Cisco stated in the blog post. Related content news Is China waging a cyber war with Taiwan? Nation-state hacking groups based in China have sharply ramped up cyberattacks against Taiwan this year, according to multiple reports. By Gagandeep Kaur Dec 01, 2023 4 mins Cyberattacks Government news Apple patches info-stealing, zero day bugs in iPads and Macs The vulnerabilities that can allow the leaking of sensitive information and enable arbitrary code execution have had exploitations in the wild. By Shweta Sharma Dec 01, 2023 3 mins Zero-day vulnerability feature The CSO guide to top security conferences Tracking postponements, cancellations, and conferences gone virtual — CSO Online’s calendar of upcoming security conferences makes it easy to find the events that matter the most to you. By CSO Staff Dec 01, 2023 6 mins Technology Industry IT Skills Events news Conti-linked ransomware takes in $107 million in ransoms: Report A ransomware campaign linked to the ostensibly defunct Conti malware group has targeted mostly US businesses, in a costly series of attacks. By Jon Gold Nov 30, 2023 4 mins Ransomware Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe