Ransomware news & analysis | SC Media

Ransomware

Ransomware attack pays off as Delaware Guidance Services gives in to criminals

By

The Delaware Guidance Services (DGS) for Children and Youth is the latest organization to pay off the cybercriminals who locked up their network with a ransomware attack. The Dover, Del., based organization said in a letter to its patients and guardians that the attack took place on December 25, 2018. Files containing personal information, such…

Pinchy Spider goes big game hunting with GandCrab

By

Pinchy Spider and its affiliated cybergangs are reacting to attempts to decrypt and defend against their flagship malware GandCrab by altering how the ransomware is deployed and recruiting new members to broaden the gang’s cyberskills. New studies by Crowdstrike and SophosLabs show Pinchy Spider is turning toward a “Big Game Hunting” deployment model where the…

Locky Ransomware

New B0r0nt0K ransomware roughs up Linux servers

By

Linux servers and possibly Windows-based machines as well are susceptible to a newly discovered ransomware called B0r0nt0K that encrypts affected data with a base64 algorithm. Bleeping Computer reported the threat on Sunday after one of its forum visitors published a post about a client whose website web server was infected. The server, which runs on…

Heart attack: Ransomware encrypts Australian cardiac clinic’s patient files

By

Employees of Melbourne Heart Group in Malvern, Australia, have been unable to access patients’ medical records following a January ransomware attack that encrypted the health care provider’s files. The cardiology clinic disclosed the incident today on its website’s home page. “We have been assured that no patient’s privacy has been compromised in any way,” the…

Third decryption tool for GandCrab ransomware released to public

By

A new free decryption tool for counteracting the effects of GandCrab ransomware is now available to the public.  This latest decryptor is effective against versions 1, 4 and 5.x up through 5.1, which means GandCrab variants released as recently as October 2018 can now be defeated. The tool is the result of a collaborative effort…

Ransomware attackers exploit old plug-in flaw to infect MSPs and their clients

By

Researchers are warning that hackers are exploiting a plug-in vulnerability to infect MSPs and their customers with GandCrab ransomware. The bug, CVE-2017-18362, dates back to 2017, and is found in unpatched versions of the ConnectWise ManagedITSync integration plug-in tool, explains a Feb. 8 blog post by Chris Bisnett, security researcher at Huntress Labs. This plug-in…

Possible ransomware attack disturbs Altran Technologies’ European operations

By

French engineering research and consulting firm Altran Technologies disclosed this week that a Jan. 24 cyberattack impacted its operations in certain European countries. In response to the incident, the company immediately shut down its IT network and all applications,” the company said in a press release issued on Monday. Altran’s statement was short on specifics,…

Phishing campaign throws Shade ransomware at Russians

By

Attackers this month have revived an email phishing operation that targets Russian speakers with Shade ransomware served via malicious JavaScript attachments. The scam first emerged in a campaign that began in mid-October of last year, before dying down over the holiday period. But January ushered in a more intense second phase that doubled the previous…

Next post in Security News