Municipalities took a beating this week with at least four reporting being shut down from new ransomware attacks or struggling to recover from an older incident. Augusta, Maine; Imperial County, Calif.; Stuart, Fla.; and Greenville, N.C. were all in different stages of recovering from ransomware attacks over the last seven days. Augusta City Center operations…
Threat actors are using accounts with admin privileges to install BitPaymer ransomware via PsExec suggesting threat actors are taking a more targeted approach to their distribution of malware. Similar to the Arizona Beverage ransomware attack earlier this month, a manufacturing company also appears to have been targeted in an attack in which the company’s name…
A new ransomware dubbed CryptoPokemon encrypts user files and demands approximately $104 worth of Bitcoin to decrypt the files. CryptoPokemon encrypts files using SHA256 + AES128 and comes with a note containing an email address and website to contact the threat actors who describe themselves as “valiant support [who] will help you solve this problem.”…
Garfield County, Utah became the latest municipality to not only be hit with a ransomware attack, but succumb to the attackers demand and pay the ransom. Local news reports said the attack happened several weeks ago, but proved so severe that the county opted to pay for the release of its files. The payment was…
Greenville, N.C., has effectively been knocked offline by a ransomware attack with the city IT department having shut down the majority of its servers to limit the extent of the attack. In a Facebook post city officials said the incident began on April 10 and TheReflector.com reported a city spokesperson a ransom note was received…
Traditionally associated with payment card theft, the cybercriminal group FIN6 has expanded its operations to apparently include ransomware attacks using the malicious encryption programs Ryuk and LockerGoga, according to researchers. Investigations by the FireEye Intelligence research team and the company’s Mandiant division have revealed that FIN6’s ransomware activity dates back to July 2018, and has…
Genesee County, Mich. officials are telling residents the ransomware attack it suffered has had a larger impact than originally thought and that many services are not likely to be quickly restored. The county reported the attack to residents on April 2 on its Facebook page stating the attackers encrypted some files and demanded a ransom,…
Arizona Beverages, quick to the grocer’s shelf with its ubiquitous iced teas, has been slow to get much of its network running again after it discovered its backup system wasn’t properly configured to restore its systems in the wake of a targeted ransomware attack and was forced to spend a pretty penny to bring in…
A Battle Creek, Mich. medical practice is being forced to shut its doors after cyberattackers wiped out its files when the firm refused to pay a ransom. Brookside ENT and Hearing Center’s Dr. William Scalf told wwmt.com the center was hit with ransomware which locked up its files and presented the practice with a $6,500…
Albany, New York was hit with a ransomware attack on March 30 that has shut down an undetermined number of several city services. Albany Mayor Kathy Sheehan informed the public of the attack in a tweet on Saturday. Few details of the attack have been issued by city officials, but Sheehan did tell all city…
