Ransomware news & analysis | SC Media


Downloads of cracked software distribute ransomware via adware bundles


Websites offering cracked versions of popular software programs have recently been serving up adware bundles that secretly deliver a variant of STOP ransomware. According to a pair of reports from Bleeping Computer founder Lawrence Abrams, the scheme came to light in December 2018 with the appearance of the malicious encryptor “Djvu” – so named because…

Ransomware attack comes with malicious ransom note


Some cybercriminals are taking an “in for a penny in for a pound” approach with a new ransomware campaign that is now under development. MalwareHunterTeam discovered the ransomware and the fact the malicious actors kindly offer several forms of payment to obtain the decrytption key, including PayPal. However, if the victim chooses PayPal and follows…

Del Rio, Texas ransomware attack knocks city offline


Another city was hit with a ransomware attack which knocked daily services back into the era of the pen and Pad. Last week, the city of Del Rio, Texas was hit with a ransomware attack which forced city officials to shut down the servers at its city hall and deny employees access to the system,…

Ryuk ransomware linked to Emotet and TrickBot trojans; suspicions shift to cybercriminal group


Multiple researchers are linking the Ryuk ransomware that disrupted the operations of multiple U.S. newspapers in late 2018 to the Emotet and TrickBot trojans. In so doing, some analysts have now also shifted blame for the attack from North Korean actors to cybercriminals, possibly from Russia, while others maintain that attribution efforts are premature. Crowdstrike,…

Dental Center of NW Ohio feels bite of ransomware attack on IT vendor


The Toledo-based Dental Center of Northwest Ohio has disclosed that a ransomware attack affecting its local third-party IT vendor may be endangered personal data belonging to current and former patients and employees. The IT vendor, Arakyta, informed the health care provider of the possible breach situation around Sept. 1, 2018, the health care provider said in…

Ransomware strikes University of Maryland Medical System


The University of Maryland Medical System was hit with a ransomware attack earlier this week that affected a small number of its medical devices offline. About 250 of the system’s 27,000 devices were impacted by the attack, The Baltimore Sun reported. However, a hospital spokesman told The Sun the devices were not encrypted, as is…

City of North Bend hit with ransomware


The city of North Bend, Ore., was hit with a ransomware attack which temporarily locked out city workers from their computers and databases. “One weekend morning a few weeks back all of our servers and things locked up, and we received a ransomware note that said for $50,000 in Bitcoin these people would provide us…

Company’s ransomware decryption service is a sham, researchers report


A Russian company that claims to specialize in decrypting ransomware is actually just secretly brokering deals with the malware distributors and charging victims for this middle-man service, researchers say. The so-called IT consulting firm, known as Dr. Shifro, advertises that it can fix systems affected by such malicious encryptors as Cryakl, Scarab, Bomber, and Dharma/Crisis.…

black shades

Redwood Eye Care hit with ransomware, 16,000 records encrypted


The Redwood Eye Center has notified 16,000 California residents their personal information may have been compromised when a company subcontractor suffered a ransomware attack. The Redwood Eye Center learned on September 19, 2018 that third-party vendor IT Lighthouse that hosts Redwood’s medical records database experienced a ransomware attack that locked the server containing 16,055 the…

Next post in Security News