Ransomware news & analysis | SC Media

Ransomware

Conti ransomware encrypts files quicker, targets SMB network shares

As Ryuk wanes, a new family of ransomware dubbed Conti, which mimics many of Ryuk’s commands but sports some unique features that differentiate it from others, is on the rise. “Conti uses a large number of independent threads to perform encryption, allowing up to 32 simultaneous encryption efforts, resulting in faster encryption compared to many other families,”…

Hidden purpose of Mac ‘ransomware’ EvilQuest is data exfiltration, say researchers

Researchers have developed a decryption tool for the recently discovered EvilQuest ransomware program designed to target Mac machines. But several analysts now concur that EvilQuest’s malicious encryption may be more of a decoy, while the program’s true purpose appears to be data exfiltration. In a new blog post this week, Thomas Reed, director of Mac…

MongoDB hacker threatens to report breach to GDPR

A hacker who uploaded ransom notes on nearly 23,000 MongoDB databases left exposed online without passwords has given his potential victims until tomorrow to pay a $140 ransom, or possibly report the breach to local GDPR authorities. According to a recent ZDNet story, the hacker used an automated script to scan for misconfigured MongoDB databases, effectively…

LeBron James among the 1st stars to have their stolen law firm files put up for auction

The Sodinokibi/REvil ransomware gang has apparently made good on its threat to auction off files it lifted from celebrity law firm Grubman Shire Meiselas & Sacks. The group on July 1 reportedly placed legal documents corresponding to Nicki Minaj, Mariah Carey and LeBron James up for bid, with the starting price set at $600,000 per…

NetWalker ransomware group claims attack on Fort Worth transportation agency

Another Texas-based government institution may have fallen victim to ransomware actors. According to a reliable source, the cybercriminals behind the malicious encryptor NetWalker have published online evidence of an attack on Trinity Metro, a transit agency that operates bus and commuter rail transportation services in Fort Worth and its nearby Tarrant County suburbs. Trinity Metro…

Xerox apparent victim of Maze attack

It appears that Xerox is among the victims of Maze ransomware attackers, if screenshots posted by the ransomware’s operators are legitimate. The hackers pilfered more than 100GB of information and are threatening to publish it, according to a report in BleepingComputer, which cited the ransom note as saying, “After the payment the data will be…

OSX.EvilQuest ransomware targets Macs; Ransom X blamed for TxDOT attack

The crowded ransomware market is now home to three newly discovered players that recently gained the attention of security researchers and malware analysts — including one that targets Mac users and another blamed for a recent attack on the Texas Department of Transportation. Dubbed OSX.EvilQuest, the Mac ransomware was observed being distributed on a Russian…

UCSF paid $1.4 million ransom in NetWalker attack

The University of California, San Francisco (UCSF) ponied up $1.4 million to hackers to retrieve data encrypted during a NetWalker ransomware attack disclosed in early June. “The data that was encrypted is important to some of the academic work we pursue as a university serving the public good,” according to a statement from UCSF, which said…