2019, Encryption, Information Security and Ransomware

8Base ransomware operators use a new variant of the Phobos ransomware

Security Affairs

NOVEMBER 19, 2023

8Base ransomware operators were observed using a variant of the Phobos ransomware in a recent wave of attacks. Cisco Talos researchers observed 8Base ransomware operators using a variant of the Phobos ransomware in recent attacks. The ransomware component is then decrypted and loaded into the SmokeLoader process’ memory.

Ransomware

Ransomware Encryption Backups Manufacturing

New Linux variant of Clop Ransomware uses a flawed encryption algorithm

Security Affairs

FEBRUARY 7, 2023

A new Linux variant of the Clop ransomware has been observed in the wild, the good news is that its encryption algorithm is flawed. SentinelLabs researchers have observed the first Linux variant of the Clop ransomware. This generated RC4 key is used to encrypt the mappedAddress and write it back to the file.”

Encryption

Encryption Ransomware Cybercrime Engineering

LockBit 2.0, the first ransomware that uses group policies to encrypt Windows domains

Security Affairs

JULY 29, 2021

ransomware is now able to encrypt Windows domains by using Active Directory group policies. ransomware that encrypts Windows domains by using Active Directory group policies. ransomware that encrypts Windows domains by using Active Directory group policies. Like other ransomware operations, LockBit 2.0

Encryption

Encryption Ransomware Malware Hacking

Ransomware operators exploit VMWare ESXi flaws to encrypt disks of VMs

Security Affairs

FEBRUARY 2, 2021

Ransomware operators are exploiting two VMWare ESXi vulnerabilities, CVE-2019-5544 and CVE-2020-3992, to encrypt virtual hard disks. Security experts are warning of ransomware attacks exploiting two VMWare ESXi vulnerabilities, CVE-2019-5544 and CVE-2020-3992 , to encrypt virtual hard disks.

Encryption

Encryption Ransomware System Administration Hacking

Bitdefender released a free decryptor for the MegaCortex ransomware

Security Affairs

JANUARY 6, 2023

Antivirus firm Bitdefender released a decryptor for the MegaCortex ransomware allowing its victims to restore their data for free. Antivirus firm Bitdefender released a decryptor for the MegaCortex ransomware , which can allow victims of the group to restore their data for free. SecurityAffairs – hacking, ransomware).

Ransomware

Ransomware Antivirus Encryption Backups

Ragnar Ransomware encrypts files from virtual machines to evade detection

Security Affairs

MAY 25, 2020

Ransomware encrypts from virtual machines to evade antivirus. Ragnar Locker deploys Windows XP virtual machines to encrypt victim’s files, the trick allows to evaded detection from security software. and the Ragnar Locker ransomware executable will automatically be present in the root of the C: drive.

Encryption

Encryption Ransomware Energy and Utilities Advertising

Ryuk Ransomware evolution avoid encrypting Linux folders

Security Affairs

DECEMBER 26, 2019

Experts spotted a new strain of the Ryuk Ransomware that was developed to avoid encrypting folders commonly seen in *NIX operating systems. Kremez noticed that the ransomware doesn’t encrypt folders that are associated with *NIX operating systems. 2019-12-21: #Ryuk #Ransomware as V2.EXE

Encryption

Encryption Ransomware Malware Advertising

A new wave of ech0raix ransomware attacks targets QNAP NAS devices

Security Affairs

DECEMBER 27, 2021

A new wave of ech0raix ransomware attacks is targeting QNAP network-attached storage (NAS) devices. The threat actors behind the ech0raix ransomware are targeting NAP network-attached storage (NAS) devices. The attackers first create a user in the administrator group, then use it to encrypt the content of the NAS. and 1.0.6).”

Ransomware

Ransomware Encryption Manufacturing Hacking

Chip maker Advantech hit by Conti ransomware gang

Security Affairs

NOVEMBER 28, 2020

The IIoT chip maker Advantech was hit by the Conti ransomware, the gang is now demanding over $13 million ransom from the company. billion in 2019. billion in 2019. The ransomware gang announced on November 21, 2020 the leak of stolen data if the chipmaker would not have paid the ransom within the next day.

Ransomware

Ransomware Encryption IoT Malware

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

Ransomware is undoubtedly one of the most unnerving phenomena in the cyber threat landscape. Numerous strains of this destructive code have been the front-page news in global computer security chronicles for almost a decade now, with jaw-dropping ups and dramatic downs accompanying its progress. inch diskettes. inch diskettes.

Ransomware

Ransomware Hacking Encryption Penetration Testing

Maze ransomware is going out of the business

Security Affairs

NOVEMBER 1, 2020

The Maze ransomware operators are shutting down their operations for more than one year the appeared on the threat landscape in May 2019. The Maze cybercrime gang is shutting down its operations, it was considered one of the most prominent and active ransomware crew since it began operating in May 2019.

Ransomware

Ransomware Cybercrime Advertising Software

New eCh0raix ransomware variant targets NAS devices from both QNAP and Synology vendors

Security Affairs

AUGUST 10, 2021

A new variant of the eCh0raix ransomware is able to target Network-Attached Storage (NAS) devices from both QNAP and Synology vendors. A newly variant of the eCh0raix ransomware is able to infect Network-Attached Storage (NAS) devices from Taiwanese vendors QNAP and Synology. ” reads the report published by Palo Alto Researchers.

Ransomware

Ransomware Encryption Firmware Passwords

A new wave of Qlocker ransomware attacks targets QNAP NAS devices

Security Affairs

JANUARY 16, 2022

QNAP NAS devices are under attack, experts warn of a new Qlocker ransomware campaign that hit devices worldwide. A new wave of Qlocker ransomware it targeting QNAP NAS devices worldwide, the new campaign started on January 6 and it drops ransom notes named !!!READ_ME.txt reads the security advisory published by the vendor.

Ransomware

Ransomware Encryption Backups Firmware

The source code of the Paradise Ransomware was leaked on XSS hacking forum

Security Affairs

JUNE 15, 2021

The source code for the Paradise Ransomware has been released on a hacking forum allowing threat actors to develop their customized variant. The source code for the Paradise Ransomware has been released on the hacking forum XSS allowing threat actors to develop their own customized ransomware operation. Source BleepingComputer.

Ransomware

Ransomware Hacking Encryption Malware

Zeppelin ransomware gang is back after a temporary pause

Security Affairs

MAY 24, 2021

Operators behind the Zeppelin ransomware-as-a-service (RaaS) have resumed their operations after a temporary interruption. Researchers from BleepingComputer reported that operators behind the Zeppelin ransomware-as-a-service (RaaS), aka Buran , have resumed their operations after a temporary interruption. Pierluigi Paganini.

Ransomware

Ransomware Encryption Malware Healthcare

DeathRansom ransomware evolves encrypting files, but experts identified its author

Security Affairs

JANUARY 5, 2020

DeathRansom was considered fake ransomware due to the fact that it did not implement an effective encryption process, but now things are changing. DeathRansom is a ransomware family that was initially classified as a joke because it did not implement an effective encryption scheme. Pierluigi Paganini.

Encryption

Encryption Ransomware Malware Scams

Ukrainian REvil gang member sentenced to 13 years in prison

Security Affairs

MAY 2, 2024

The Ukrainian national, Yaroslav Vasinskyi (24), aka Rabotnik, has been sentenced to more than 13 years in prison and must pay $16 million in restitution for conducting numerous ransomware attacks and extorting victims. Vasinskyi is a REvil ransomware affiliate since at least March 1st, 2019. in March 2022. million in U.S.

Ransomware

Ransomware Cryptocurrency Cybercrime Encryption

Saint Gheorghe Recovery Hospital in Romania suffered a ransomware attack

Security Affairs

JANUARY 6, 2023

The Saint Gheorghe Recovery Hospital in Romania suffered a ransomware attack in December that is still impacting medical activity. The Saint Gheorghe Recovery Hospital in Botoşani, in northeastern Romania, was hit by a ransomware attack in December that is still impacting medical operations. Pierluigi Paganini.

Ransomware

Ransomware Antivirus Media Encryption

Experts warn of a new eCh0raix ransomware campaign targeting QNAP NAS

Security Affairs

JUNE 19, 2022

Experts warn of a new ech0raix ransomware campaign targeting QNAP Network Attached Storage (NAS) devices. Bleeping Computer and MalwareHunterTeam researchers, citing user reports and sample submissions on the ID Ransomware platform, warn of a new wave of ech0raix ransomware attacks targeting QNAP Network Attached Storage (NAS) devices.

Ransomware

Ransomware Encryption Internet Internet

Two hacker groups are back in the news, LockBit 3.0 Black and BlackCat/AlphV

Security Affairs

OCTOBER 3, 2023

Like all ransomware, this is a type of malware that, once introduced into an organization, encrypts the data and then requires the victim to pay a ransom in order to decrypt it. ” The analyzed attack spread the ransomware Lockbit 3.0 ” The analyzed attack spread the ransomware Lockbit 3.0 Black The LockBit 3.0

Ransomware

Ransomware Encryption Technology Backups

Evil Corp rebrands their ransomware, this time is the Macaw Locker

Security Affairs

OCTOBER 21, 2021

Evil Corp cybercrime gang is using a new ransomware called Macaw Locker to evade US sanctions that prevent victims from paying the ransom. Evil Corp has launched a new ransomware called Macaw Locker to evade US sanctions that prevent victims from making ransom payments. macaw extension to the file name of the encrypted files.

Ransomware

Ransomware Cybercrime Banking Encryption

REvil ransomware gang hacked Acer and is demanding a $50 million ransom

Security Affairs

MARCH 20, 2021

Taiwanese multinational hardware and electronics corporation Acer was victim of a REvil ransomware attack, the gang demanded a $50,000,000 ransom. Taiwanese computer giant Acer was victim of the REvil ransomware attack, the gang is demanding the payment of a $50,000,000 ransom, the largest one to date. billion in revenue.

Ransomware

Ransomware Hacking Computers and Electronics Malware

Dissecting the malicious arsenal of the Makop ransomware gang

Security Affairs

MARCH 14, 2023

Cyber security researcher Luca Mella analyzed the Makop ransomware employed in a recent intrusion. Executive summary Insights from a recent intrusion authored by Makop ransomware operators show persistence capability through dedicated.NET tools. Advanced_Port_Scanner_2.5.3869.exe

Ransomware

Ransomware Software System Administration Encryption

Bl00dy ransomware gang started using leaked LockBit 3.0 builder in attacks

Security Affairs

SEPTEMBER 29, 2022

The recently born Bl00Dy Ransomware gang has started using the recently leaked LockBit ransomware builder in attacks in the wild. The Bl00Dy Ransomware gang is the first group that started using the recently leaked LockBit ransomware builder in attacks in the wild. Ransomware. builder to create its own ransomware.

Ransomware

Ransomware Hacking Encryption Passwords

Technology giant Konica Minolta hit by a ransomware attack

Security Affairs

AUGUST 17, 2020

IT giant Konica Minolta was hit with a ransomware attack at the end of July, its services have been impacted for almost a week. A ransomware attack has impacted the services at the business technology giant Konica Minolta for almost a week, the attack took place at the end of July. Pierluigi Paganini.

Technology

Technology Ransomware Advertising Encryption

eCh0raix ransomware is back and targets QNAP NAS devices again

Security Affairs

JUNE 6, 2020

eCh0raix Ransomware operators are back after months of apparent inactivity, now are targeting QNAP storage devices in a new campaign. Threat actors behind the eCh0raix Ransomware have launched a new campaign aimed at infecting QNAP storage devices. encrypt extension to filenames of encrypted files. Pierluigi Paganini.

Ransomware

Ransomware Encryption Advertising Manufacturing

Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks

Security Affairs

AUGUST 9, 2021

The Australian Cyber Security Centre (ACSC) warns of a surge of LockBit 2.0 ransomware attacks against Australian organizations starting July 2021. The Australian Cyber Security Centre (ACSC) warns of an escalation in LockBit 2.0 ransomware attacks against Australian organizations in multiple industry sectors starting July 2021.

Ransomware

Ransomware Retail Manufacturing Encryption

CISA, FBI shared a joint advisory to warn of Zeppelin ransomware attacks

Security Affairs

AUGUST 13, 2022

The US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI are warning of Zeppelin ransomware attacks. The US Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have published a joint advisory to warn of Zeppelin ransomware attacks.

Ransomware

Ransomware Encryption Firmware Backups

Delta Electronics, a tech giants’ contractor, hit by Conti ransomware

Security Affairs

JANUARY 28, 2022

Delta Electronics, a Taiwanese contractor for multiple tech giants such as Apple, Dell, HP and Tesla, was hit by Conti ransomware. Taiwanese electronics manufacturing company Delta Electronics was hit by the Conti ransomware that took place this week. ” reported a statement from the security company cited by CTWANT.

Computers and Electronics

Computers and Electronics Ransomware Manufacturing Malware

UHS hospitals hit by Ryuk ransomware attack

Security Affairs

SEPTEMBER 28, 2020

Universal Health Services (UHS) healthcare providers has reportedly shut down systems at healthcare facilities after a Ryuk ransomware attack. Universal Health Services (UHS) is an American Fortune 500 company that provides hospital and healthcare services, in 2019, its annual revenues were $11.37 billion in 2019.

Ransomware

Ransomware Healthcare Advertising Antivirus

Belarussian authorities arrested GandCrab ransomware distributor

Security Affairs

AUGUST 3, 2020

Last week, the Minister of Internal Affairs of Belarus announced the arrest of a 31-year-old man that is accused of distributing the infamous GandCrab ransomware. Last week, the Minister of Internal Affairs of Belarus announced the arrest of a man on charges of distributing the infamous GandCrab ransomware.

Ransomware

Ransomware Advertising Malware Hacking

CERT France – Pysa ransomware is targeting local governments

Security Affairs

MARCH 19, 2020

CERT France is warning of a new wave of attacks using Pysa ransomware (Mespinoza) that is targeting local governments. CERT France cyber-security agency is warning about a new wave of ransomware attack that is targeting the networks of local government authorities. locked to the filename of the encrypted files.

Government

Government Ransomware Encryption Penetration Testing

PYSA ransomware gang is the most active group in November

Security Affairs

DECEMBER 22, 2021

PYSA and Lockbit were the most active ransomware gangs in the threat landscape in November 2021, researchers from NCC Group report. Security researchers from NCC Group reported an increase in ransomware attacks in November 2021 over the past month, and PYSA (aka Mespinoza) and Lockbit were the most active ransomware gangs.

Ransomware

Ransomware Penetration Testing Healthcare Government

SeaChange video delivery software solutions provider hit by Sodinokibi ransomware

Security Affairs

APRIL 24, 2020

The popular SeaChange video platform is the latest victim of the Sodinokibi Ransomware gang, which is threatening to leak the stolen data. SeaChange International, the multinational supplier of video delivery software solutions, was the victim of the Sodinokibi Ransomware gang. SecurityAffairs – Sodinokibi Ransomware, hacking).

Software

Software Ransomware VPN Advertising

Ragnar Locker ransomware gang advertises Campari hack on Facebook

Security Affairs

NOVEMBER 11, 2020

?Ragnar Locker Ransomware operators have started to run Facebook advertisements to force their victims into paying the ransom. In November 2019, ransomware operators have started adopting a new double-extortion strategy first used by the Maze gang that sees threat actors also stealing unencrypted files before encrypting infected systems.

Advertising

Advertising Hacking Ransomware Accountability

FBI issued a flash alert on Lockbit ransomware operation

Security Affairs

FEBRUARY 5, 2022

The FBI released a flash alert containing technical details associated with the LockBit ransomware operation. The Federal Bureau of Investigation (FBI) has issued a flash alert containing technical details and indicators of compromise associated with LockBit ransomware operations. Like other ransomware gangs, Lockbit 2.0

Ransomware

Ransomware Backups Encryption Accountability

SunCrypt ransomware operators leak data of University Hospital New Jersey

Security Affairs

SEPTEMBER 17, 2020

University Hospital New Jersey (UHNJ) has suffered a ransomware attack, SunCrypt ransomware operators also leaked the data they have stolen. Systems at the University Hospital New Jersey (UHNJ) were encrypted with the SunCrypt ransomware, threat actors also stolen documents from the institution and leaked it online.

Ransomware

Ransomware Advertising Data breaches Encryption

FBI warns of PYSA Ransomware attacks against Education Institutions in US and UK

Security Affairs

MARCH 17, 2021

The FBI has issued an alert to warn about an increase in PYSA ransomware attacks on education institutions in the US and UK. The FBI has issued Tuesday an alert to warn about an increase in PYSA ransomware attacks against education institutions in the United States and the United Kingdom. locked to the filename of the encrypted files.

Education

Education Ransomware Encryption Antivirus

US govt agencies released a joint alert on the Lockbit 3.0 ransomware

Security Affairs

MARCH 18, 2023

ransomware gang. ransomware. “The Federal Bureau of Investigation (FBI), CISA, and the Multi-State Information Sharing and Analysis Center (MS-ISAC) has released a joint cybersecurity advisory (CSA), #StopRansomware: LockBit 3.0. ransomware. ransomware as recently as March 2023.” “LockBit 3.0

Ransomware

Ransomware Penetration Testing Encryption Accountability

Travelex paid $2.3 Million ransom to restore after a ransomware attack

Security Affairs

APRIL 9, 2020

million ransom to decrypt its files after being encrypted by the infamous Sodinokibi ransomware. “As part of this attack, the operators behind the Sodinokibi ransomware told BleepingComputer that they had encrypted the company’s entire network, deleted backup files, and copied more than 5GB of personal data.

Ransomware

Ransomware Encryption Advertising Backups

FBI warns of increase in PYSA ransomware attacks targeting education

Malwarebytes

MARCH 17, 2021

On March 16, the Federal Bureau of Investigation (FBI) issued a “Flash” alert on PYSA ransomware after an uptick on attacks this month against institutions in the education sector, particularly higher ed, K-12, and seminaries. And this isn’t just limited to ransomware attacks.

Education

Education Ransomware Phishing Passwords

Threat spotlight: Conti, the ransomware used in the HSE healthcare attack

Malwarebytes

MAY 28, 2021

On the 14th of May, the Health Service Executive (HSE) , Ireland’s publicly funded healthcare system, fell victim to a Conti ransomware attack, forcing the organization to shut down more than 80,000 affected endpoints and plunging them back to the age of pen and paper. Threat profile: Conti ransomware.

Healthcare

Healthcare Ransomware Encryption Passwords

Sonicwall warns of a spike in the number of attacks involving encrypted malware and IoT malware

Security Affairs

JULY 29, 2019

According to experts at Sonicwall, scanning of random ports and the diffusion of encrypted malware are characterizing the threat landscape. The situation is better in the first half of 2019, when SonicWall recorded 4.8 The situation is better in the first half of 2019, when SonicWall recorded 4.8 billion attacks.

IoT

IoT Encryption Malware Advertising

Chilean-based retail giant Cencosud hit by Egregor Ransomware

Security Affairs

NOVEMBER 15, 2020

Chilean-based retail giant Cencosud has suffered a ransomware attack that impacted operations at its stores, Egregor ransomware appears to be involved. A ransomware attack, allegedly launched by the Egregor ransomware gang, hit the Chilean-based retail giant Cencosud, the incident impacted operations at its stores.

Retail

Retail Ransomware Media Malware

8Base ransomware operators use a new variant of the Phobos ransomware

New Linux variant of Clop Ransomware uses a flawed encryption algorithm

Trending Sources

LockBit 2.0, the first ransomware that uses group policies to encrypt Windows domains

Ransomware operators exploit VMWare ESXi flaws to encrypt disks of VMs

Bitdefender released a free decryptor for the MegaCortex ransomware

Ragnar Ransomware encrypts files from virtual machines to evade detection

Ryuk Ransomware evolution avoid encrypting Linux folders

A new wave of ech0raix ransomware attacks targets QNAP NAS devices

Chip maker Advantech hit by Conti ransomware gang

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

Maze ransomware is going out of the business

New eCh0raix ransomware variant targets NAS devices from both QNAP and Synology vendors

A new wave of Qlocker ransomware attacks targets QNAP NAS devices

The source code of the Paradise Ransomware was leaked on XSS hacking forum

Zeppelin ransomware gang is back after a temporary pause

DeathRansom ransomware evolves encrypting files, but experts identified its author

Ukrainian REvil gang member sentenced to 13 years in prison

Saint Gheorghe Recovery Hospital in Romania suffered a ransomware attack

Experts warn of a new eCh0raix ransomware campaign targeting QNAP NAS

Two hacker groups are back in the news, LockBit 3.0 Black and BlackCat/AlphV

Evil Corp rebrands their ransomware, this time is the Macaw Locker

REvil ransomware gang hacked Acer and is demanding a $50 million ransom

Dissecting the malicious arsenal of the Makop ransomware gang

Bl00dy ransomware gang started using leaked LockBit 3.0 builder in attacks

Technology giant Konica Minolta hit by a ransomware attack

eCh0raix ransomware is back and targets QNAP NAS devices again

Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks

CISA, FBI shared a joint advisory to warn of Zeppelin ransomware attacks

Delta Electronics, a tech giants’ contractor, hit by Conti ransomware

UHS hospitals hit by Ryuk ransomware attack

Belarussian authorities arrested GandCrab ransomware distributor

CERT France – Pysa ransomware is targeting local governments

PYSA ransomware gang is the most active group in November

SeaChange video delivery software solutions provider hit by Sodinokibi ransomware

Ragnar Locker ransomware gang advertises Campari hack on Facebook

FBI issued a flash alert on Lockbit ransomware operation

SunCrypt ransomware operators leak data of University Hospital New Jersey

FBI warns of PYSA Ransomware attacks against Education Institutions in US and UK

US govt agencies released a joint alert on the Lockbit 3.0 ransomware

Travelex paid $2.3 Million ransom to restore after a ransomware attack

FBI warns of increase in PYSA ransomware attacks targeting education

Threat spotlight: Conti, the ransomware used in the HSE healthcare attack

Sonicwall warns of a spike in the number of attacks involving encrypted malware and IoT malware

Chilean-based retail giant Cencosud hit by Egregor Ransomware

Stay Connected