Ransomware news & analysis | SC Media

Ransomware

Cloud-hosting firm iNSYNQ shut down by MegaCortex ransomware

The QuickBooks cloud-hosting firm iNSYNQ is still in recovery mode after being hit with a MegaCortex ransomware attack that forced it offline last week and the company expects it to take at least several more days to get all its customers back online. Company CEO Elliot Luchansky said in a July 22 blog post that…

Report suggests GandCrab’s developers may have created Sodinokibi ransomware

Evidence is reportedly mounting that the recently discovered ransomware program known as Sodinokibi was created by the same developers who introduced GandCrab ransomware. Last month, GandCrab’s developers publicly disclosed that they were retiring after raking in roughly $2 billion in extortion payments. But this announcement may have been misleading at best, according to security researcher…

LaPorte County pays $130,000 ransom to regain access

After attempting to recover from a ransomware attack for about a week, the LaPorte County Board of Commissioners opted to pay the $130,000 ransom in order to regain access to their network. Local news reports have the county paying the ransom after negotiating with the attackers and noting that insurance will cover about $100,000 of…

U.S. mayors resolve to no longer pay ransomware attackers

The United States Conference of Mayors issued a resolution at its 87th annual meeting to stand united against paying ransoms when their municipality is hit with a ransomware attack. The organization stated in its resolution that paying ransoms merely encourages others to conduct similar attacks by showing there could be a financial benefit, and that…

homesecurityiotdevice_1259556

New eCh0raix ransomware now hitting QNAP NAS drives

Anomali has unveiled a new ransomware variant that is targeting network attached storage (NAS) devices made by QNAP Systems. The ransomware, dubbed eCh0raix after a line in the code, was first spotted in June when a discussion regarding it appeared in Bleeping Computer’s forums. At this point it is not widespread and for reasons and…

WannaLocker ransomware found combined with RAT and banking trojan

Researchers are warning that a new version of WannaLocker – essentially a mobile derivative of WannaCry ransomware – has been enhanced with spyware, remote access trojan and banking trojan capabilities. Cybercriminals have been using the all-in-one malware package in a campaign targeting Brazilian banks and their Android mobile customers, according to a July 1 blog…

ransomware

U.S. Virgin Islands hit with ransomware and BEC attack

The U.S. Virgin Islands Police department was hit with a ransomware attack in April that targeted servers housing internal affairs records and citizen complaints while the territory’s water department was separately hit with a business email compromise (BEC). “A lot of our files got corrupted, so we did notify the FBI and we are working with…

Next post in Ransomware