Ransomware news & analysis | SC Media

Ransomware

Heart attack: Ransomware encrypts Australian cardiac clinic’s patient files

Employees of Melbourne Heart Group in Malvern, Australia, have been unable to access patients’ medical records following a January ransomware attack that encrypted the health care provider’s files. The cardiology clinic disclosed the incident today on its website’s home page. “We have been assured that no patient’s privacy has been compromised in any way,” the…

Third decryption tool for GandCrab ransomware released to public

A new free decryption tool for counteracting the effects of GandCrab ransomware is now available to the public. This latest decryptor is effective against versions 1, 4 and 5.x up through 5.1, which means GandCrab variants released as recently as October 2018 can now be defeated. The tool is the result of a collaborative effort…

Ransomware attackers exploit old plug-in flaw to infect MSPs and their clients

Researchers are warning that hackers are exploiting a plug-in vulnerability to infect MSPs and their customers with GandCrab ransomware. The bug, CVE-2017-18362, dates back to 2017, and is found in unpatched versions of the ConnectWise ManagedITSync integration plug-in tool, explains a Feb. 8 blog post by Chris Bisnett, security researcher at Huntress Labs. This plug-in…

Possible ransomware attack disturbs Altran Technologies’ European operations

French engineering research and consulting firm Altran Technologies disclosed this week that a Jan. 24 cyberattack impacted its operations in certain European countries. “In response to the incident, the company immediately shut down its IT network and all applications,” the company said in a press release issued on Monday. Altran’s statement was short on specifics,…

Phishing campaign throws Shade ransomware at Russians

Attackers this month have revived an email phishing operation that targets Russian speakers with Shade ransomware served via malicious JavaScript attachments. The scam first emerged in a campaign that began in mid-October of last year, before dying down over the holiday period. But January ushered in a more intense second phase that doubled the previous…

Cloud infrastructure exposed by multivector, multi-platform malware attacks prevalent, mass scale

Persistent malicious attacks exposing cloud infrastructure are the result of a perfect storm combining cryptomining, ransomware and botnet/worms for both Linux and Windows, the Securonix Threat Research Team reported. “The attack activity described in the report is likely prevalent and mass-scale,” Oleg Kolesnikov told SC Media. The research from Addison, Texas-based Securonix provides further insight into…

Ransomware attacks take down Sammamish city hall and Salisbury PD

Two municipalities were hit with ransomware attacks that effectively shut down large portions of their computer networks, restricting access to many records. The affected entities are the City of Sammamish, Wash., and the Salisbury, Md. Police Department. Sammamish city officials deemed the attack, which hit on Jan. 23, severe enough to declare an emergency, which…

Fresh-faced Anatova ransomware created by ‘skilled developers,’ researchers warn

A new family of ransomware that was discovered in a private peer-to-peer network earlier this month has prompted a warning from researchers due to its apparent modular capabilities and its sophisticated coding and anti-analysis techniques. Nicknamed Anatova, the ransomware has already been detected in at least several hundred machines around the world, despite having a…

Downloads of cracked software distribute ransomware via adware bundles

Websites offering cracked versions of popular software programs have recently been serving up adware bundles that secretly deliver a variant of STOP ransomware. According to a pair of reports from Bleeping Computer founder Lawrence Abrams, the scheme came to light in December 2018 with the appearance of the malicious encryptor “Djvu” – so named because…
