Ransomware | SC Media

Ransomware

LeBron James among the 1st stars to have their stolen law firm files put up for auction

The Sodinokibi/REvil ransomware gang has apparently made good on its threat to auction off files it lifted from celebrity law firm Grubman Shire Meiselas & Sacks. The group on July 1 reportedly placed legal documents corresponding to Nicki Minaj, Mariah Carey and LeBron James up for bid, with the starting price set at $600,000 per…

NetWalker ransomware group claims attack on Fort Worth transportation agency

Another Texas-based government institution may have fallen victim to ransomware actors. According to a reliable source, the cybercriminals behind the malicious encryptor NetWalker have published online evidence of an attack on Trinity Metro, a transit agency that operates bus and commuter rail transportation services in Fort Worth and its nearby Tarrant County suburbs. Trinity Metro…

OSX.EvilQuest ransomware targets Macs; Ransom X blamed for TxDOT attack

The crowded ransomware market is now home to three newly discovered players that recently gained the attention of security researchers and malware analysts — including one that targets Mac users and another blamed for a recent attack on the Texas Department of Transportation. Dubbed OSX.EvilQuest, the Mac ransomware was observed being distributed on a Russian…

Mobile ransomware disguised as upcoming Canadian Covid-19 contact tracing app

Capitalizing on a Canadian government announcement pertaining to the development of a nationwide, voluntary Covid-19 contact tracing app, malicious actors this month created a fake version of such an app that in reality infects Android users with mobile ransomware. According to a new blog post from ESET, the ransomware, dubbed CryCryptor, was found being distributed…

Evil Corp debuts WastedLocker ransomware and new TTPs, researchers say

Researchers have discovered a new ransomware, WastedLocker, that they are attributing with “high confidence” to the Evil Corp cybercriminal gang, two members of which the U.S. Justice Department charged last December with federal hacking and bank fraud crimes. Evil Corp is historically associated with the banking credentials-stealing Zeus trojan and Bugat (aka Dridex) malware, as well as Locky and…

Risk assessments reveal businesses remain deficient in security compliance, training

InfoSec World 2020 – An analysis of more than 100 risk self-assessments conducted by business organizations across a cross-section of industries revealed that over 65 percent admitted to achieving zero-to-minimal compliance with U.S. state data privacy and security regulations, including myriad breach laws and the California Consumer Privacy Act. The discouraging findings show that business…

Dodging AV and endpoint defenses is a ‘snap’ for new Thanos ransomware

Researchers say that a new ransomware builder tool named after the super-villain Thanos — made available for sale on dark web forums — is the first to strategically use RIPlace, a Microsoft Windows file system technique that’s known to bypass antivirus protections and endpoint detection and response solutions. The implementation of RIPlace, combined with the…

UCSF, Conduent are latest to suffer the slings and arrows of ransomware

Academic health research institution the University of California, San Francisco and business process services company Conduent have emerged as two of the latest prominent victims of organized ransomware attacks. UCSF was targeted by the NetWalker (aka MailTo) ransomware group, as evidenced by a post on the cyber gang’s data leak website, while it was the Maze…

New ransomware trends spotted: Auctioning stolen files, cybergangs joining forces

The tactics of human-operated ransomware campaigns continue to escalate. Victims who previously feared having their systems disrupted, their files encrypted and their data stolen and published online may now face another ultimatum: Pay up or have your data auctioned off to the highest bidder. That’s the latest threat from the Sodinokibi/REvil gang, which announced…
