Ransomware news & analysis | SC Media

Ransomware

Damages from ransomware attack on Norsk Hydro reach as high as $40M

By

Aluminum company Norsk Hydro has already lost as much as $40.6 million since it was attacked by LockerGoga ransomware on March 19, but at least most of its operations are back running at normal capacity, the company said in a news update yesterday. Most of the financial damage, which Hydro estimated at between 300 million…

Locky Ransomware

Researchers: LockerGoga coding error can be exploited to prevent malicious encryption

By

The LockerGoga ransomware that’s been targeting industrial and manufacturing companies in early 2019 contains a coding error that could potentially be exploited to stop it from encrypting files, researchers say. The mistake pertains to how the malware handles .lnk file extensions, explains a March 25 blog post from threat management company Alert Logic, whose researchers…

Decryption tool created for ransomware designed to boost PewDiePie subscriptions

By

A PewDiePie fan has taken his admiration of the popular video game commentator a little too far, creating a ransomware designed to increase the YouTube star’s subscriber count. Fortunately, anti-malware company Emsisoft last week announced a new a decryption tool that restores machines infected by the unusual malware, named “PewCrypt.” On its website, Emsisoft describes…

Two U.S. chemical companies disclose cyberattack, LockerGoga suspected

By

Just days after a ransomware attack disrupted operations at Norwegian aluminium company Norsk Hydro, two U.S.-based chemical companies last Friday disclosed that they were affected by an unspecified network security incident that blocked access to certain IT systems and data. Reports suggest the incidents could be the work of LockerGoga, the same malicious encryption program that…

Orange County hit and taken offline with ransomware

By

The Orange County, N.C., government was knocked offline by a ransomware attack early Monday morning. County officials discovered files were being encrypted and shut down its entire network in an effort to stop the malware from spreading, effectively shutting down online access to most county services, according to a statement. An outside security firm has…

Ransomware attack pays off as Delaware Guidance Services gives in to criminals

By

The Delaware Guidance Services (DGS) for Children and Youth is the latest organization to pay off the cybercriminals who locked up their network with a ransomware attack. The Dover, Del., based organization said in a letter to its patients and guardians that the attack took place on December 25, 2018. Files containing personal information, such…

Pinchy Spider goes big game hunting with GandCrab

By

Pinchy Spider and its affiliated cybergangs are reacting to attempts to decrypt and defend against their flagship malware GandCrab by altering how the ransomware is deployed and recruiting new members to broaden the gang’s cyberskills. New studies by Crowdstrike and SophosLabs show Pinchy Spider is turning toward a “Big Game Hunting” deployment model where the…

Locky Ransomware

New B0r0nt0K ransomware roughs up Linux servers

By

Linux servers and possibly Windows-based machines as well are susceptible to a newly discovered ransomware called B0r0nt0K that encrypts affected data with a base64 algorithm. Bleeping Computer reported the threat on Sunday after one of its forum visitors published a post about a client whose website web server was infected. The server, which runs on…

Heart attack: Ransomware encrypts Australian cardiac clinic’s patient files

By

Employees of Melbourne Heart Group in Malvern, Australia, have been unable to access patients’ medical records following a January ransomware attack that encrypted the health care provider’s files. The cardiology clinic disclosed the incident today on its website’s home page. “We have been assured that no patient’s privacy has been compromised in any way,” the…

Next post in Security News