Application security

Greenville in recovery phase from Robbinhood ransomware attack

The city of Greenville, N.C., said it is recovering from the April 10 ransomware attack that had effectively knocked the city offline, without having to resort to paying the ransom demand.

City officials told WCTI12 the government network had been locked up by the relatively new Robbinhood ransomware, also known has Hidden Tear. There is a removal process for Robbinhood, which is normally injected into a target via a phishing attack, or sometimes with a browser hijacker, although it was not made clear how the city is going about deleting the ransomware.

Greenville’s systems are not fully back online and city officials do not have a completion date for the process.

In a Facebook post at the time of the attack city, officials said the incident began on April 10. Citing a Greenvile official, TheReflector.com reported that a ransom request had been received, but the city brought in cybersecurity help from other municipalities and was prepared to go a couple of days without computer support in order to investigate the situation.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.