Bill Toulas reports: The new ‘AXLocker’ ransomware family is not only encrypting victims’ files and demanding a ransom payment but also stealing the Discord accounts of infected users. When a user logs into Discord with their credentials, the platform sends back a user authentication token saved on the computer. This token can then be used…
Category: Malware
Pointer: SuspectFiles interviews Venus ransomware group
Over on SuspectFile, Marco A. De Felice has written up an interview with Venus, a relatively new group in the ransomware landscape. You can read the interview here in both English and Italian. I found Venus’s answers to be a bit confusing at times, but some things do become clear from the interview — they…
AirAsia victim of ransomware attack, passenger and employee data acquired
AirAsia Group* pledges to be responsible when gathering personal information and to protect privacy “in every possible way.” That’s not a contract, mind you, but just an expression of their commitment. On November 11 and 12, AirAsia Group fell victim to a ransomware attack by Daixin Team. The threat actors, who were the topic of…
Gateway Rehab issues notice about June ransomware incident
On July 8, DataBreaches reported that Gateway Rehab in Pennsylvania had apparently become the victim of a ransomware attack by Blackbyte. DataBreaches’s report included redacted screenshots of files sensitive protected health information that had been leaked on the threat actors’ leak site. Gateway had not responded to inquiries from this site nor posted any notice on…
San Gorgonio Memorial Hospital Back Online After Malware Attack
Toni McAllister reports: A six-day shutdown of electronic health records at San Gorgonio Memorial Hospital was due to a malware attack that remains under investigation by a team of forensics professionals, according to SGMH CEO Steve Barron. The attack occurred Nov. 10 and all systems at the 600 N. Highland Springs Avenue campus were back…
Have ransomware-type cyberattacks really decreased in 2022?
Marco A. De Felice writes: According to various reports drawn up by analysts and journalists in the information security sector, ransomware-type attacks would be in sharp decline in 2022. A statement that we find in total disagreement. For SuspectFile, the number of victims in all sectors is instead comparable to those experienced in the previous…