Websites offering cracked versions of popular software programs have recently been serving up adware bundles that secretly deliver a variant of STOP ransomware. According to a pair of reports from Bleeping Computer founder Lawrence Abrams, the scheme came to light in December 2018 with the appearance of the malicious encryptor “Djvu” – so named because…
Some cybercriminals are taking an “in for a penny in for a pound” approach with a new ransomware campaign that is now under development. MalwareHunterTeam discovered the ransomware and the fact the malicious actors kindly offer several forms of payment to obtain the decrytption key, including PayPal. However, if the victim chooses PayPal and follows…
Another city was hit with a ransomware attack which knocked daily services back into the era of the pen and Pad. Last week, the city of Del Rio, Texas was hit with a ransomware attack which forced city officials to shut down the servers at its city hall and deny employees access to the system,…
Multiple researchers are linking the Ryuk ransomware that disrupted the operations of multiple U.S. newspapers in late 2018 to the Emotet and TrickBot trojans. In so doing, some analysts have now also shifted blame for the attack from North Korean actors to cybercriminals, possibly from Russia, while others maintain that attribution efforts are premature. Crowdstrike,…
At least one threat actor is using a combination of the info stealer Vidar and GandCrab ransomware to put a double whammy on their victims and increase their odds of coming away with something value during an attack. Jerome Segura, head of investigations at Malwarebytes Labs, has tracked the campaign, which uses the Fallout and…
The Toledo-based Dental Center of Northwest Ohio has disclosed that a ransomware attack affecting its local third-party IT vendor may be endangered personal data belonging to current and former patients and employees. The IT vendor, Arakyta, informed the health care provider of the possible breach situation around Sept. 1, 2018, the health care provider said in…
The University of Maryland Medical System was hit with a ransomware attack earlier this week that affected a small number of its medical devices offline. About 250 of the system’s 27,000 devices were impacted by the attack, The Baltimore Sun reported. However, a hospital spokesman told The Sun the devices were not encrypted, as is…
The city of North Bend, Ore., was hit with a ransomware attack which temporarily locked out city workers from their computers and databases. “One weekend morning a few weeks back all of our servers and things locked up, and we received a ransomware note that said for $50,000 in Bitcoin these people would provide us…
A Russian company that claims to specialize in decrypting ransomware is actually just secretly brokering deals with the malware distributors and charging victims for this middle-man service, researchers say. The so-called IT consulting firm, known as Dr. Shifro, advertises that it can fix systems affected by such malicious encryptors as Cryakl, Scarab, Bomber, and Dharma/Crisis.…
The Redwood Eye Center has notified 16,000 California residents their personal information may have been compromised when a company subcontractor suffered a ransomware attack. The Redwood Eye Center learned on September 19, 2018 that third-party vendor IT Lighthouse that hosts Redwood’s medical records database experienced a ransomware attack that locked the server containing 16,055 the…
