As Ryuk wanes, a new family of ransomware dubbed Conti, which mimicks many of Ryuk’s commands but sports some unique features that differentiates it from others, is on the rise. “Conti uses a large number of independent threads to perform encryption, allowing up to 32 simultaneous encryption efforts, resulting in faster encryption compared to many other families,”…
Researchers have developed a decryption tool for the recently discovered EvilQuest ransomware program designed to target Mac machines. But several analysts now concur that EvilQuest’s malicious encryption may be more of a decoy, while the program’s true purpose appears to be data exfiltration. In a new blog post this week, Thomas Reed, director of Mac…
An apparent Ragnar Locker ransomware attack on the parent company of EDP Renewables put information of some of its customers at risk although the firm said it has no evidence PII was accessed. The attack could have exposed names and Social Security numbers stored in the company’s systems, though in a letter to customers, EDPR…
A hacker that uploaded ransom notes on nearly 23,000 MongoDB databases left exposed online without passwords has given his potential victims until tomorrow to pay a $140 ransom, or possibly report the breach to local GDPR authorities. According to recent ZDNet story, the hacker used an automated script to scan for misconfigured MongoDB databases, effectively…
The Sodinokibi/REvil ransomware gang has apparently made good on its threat to auction off files it lifted from celebrity law firm Grubman Shire Meiselas & Sacks. The group on July 1 reportedly placed legal documents corresponding to Nicki Minaj, Mariah Carey and LeBron James up for bid, with the starting price set at $600,000 per…
Another Texas-based government institution may have fallen victim to ransomware actors. According to a reliable source, the cybercriminals behind the malicious encryptor NetWalker have published online evidence of an attack on Trinity Metro, a transit agency that operates bus and commuter rail transportation services in Fort Worth and its nearby Tarrant County suburbs. Trinity Metro…
It appears that Xerox is among the victims of Maze ransomware attackers, if screenshots posted by the ransomware’s operators are legitimate. The hackers pilfered more than 100GB of information and are threatening to publish it, according to a report in BleepingComputer, which cited the ransom note as saying, “After the payment the data will be…
The crowded ransomware market is now home to three newly discovered players that recently gained the attention of security researchers and malware analysts — including one that targets Mac users and another blamed for a recent attack on the Texas Department of Transportation. Dubbed OSX.EvilQuest, the Mac ransomware was observed being distributed on a Russian…
A 21-year-old man has been sentenced to serve 13 months in federal prison for his role in creating the Satori DDoS botnet, which descended from Mirai IoT malware, announced U.S. Attorney Bryan Schroder in Anchorage, Alaska. Kenneth Currin Schuchman, 22, of Vancouver, Wash., was sentenced today by Chief U.S. District Judge Timothy M. Burgess, after…
The University of California, San Francisco (UCSF) ponied up $1.4 million to hackers to retrieve data encrypted during a NetWalker ransomware attack disclosed in early June. “The data that was encrypted is important to some of the academic work we pursue as a university serving the public good,” according to a statement from UCSF, which said…
