Lawrence Abrams reports: A new ransomware named SunCrypt has joined the ‘Maze cartel,’ and with their membership, we get insight into how these groups are working together. In June, we broke the story that the Maze threat actors created a cartel of ransomware operations to share information and techniques to help each other extort their victims. Read more on BleepingComputer.
Category: Malware
Unsophisticated Iranian hackers armed with ransomware are targeting companies worldwide
Brooke Crothers reports: Unsophisticated Iranian hackers are attacking company networks with ransomware, a cybersecurity firm said. The attackers have been using Dharma ransomware “and a mix of publicly available tools” to target companies in Russia, Japan, China and India, cybersecurity firm Group-IB said earlier this week. Read more on Fox News.
Russian arrested for trying to recruit an insider and hack a Nevada company
Catalin Cimpanu reports: The US Department of Justice announced charges today against a Russian citizen who traveled to the US in order to recruit and convince an employee of a Nevada company to install malware on their employer’s network in exchange for $1,000,000. According to court documents unsealed today, Egor Igorevich Kriuchkov, a 27-year-old Russian, was identified…
NC: Hackers want money to release Haywood County school district files
Rex Hodge reports: There will be no remote learning in Haywood County schools for a second day. A Ransomware attack against the district’s computers shut schools down Monday. They’ll be shut down again Tuesday. Read more on WMYA. It sounds like they have no intention of paying any ransom and that they do have some…
CO: City of Lafayette statement on July ransomware attack
On August 6, media in Colorado reported that the City of Lafayette had paid $45,000 to get a decryption key following a ransomware attack. On August 24, the city published a notification about the incident: This public notice is intended to advise residents, employees, and customers of an incident involving a cyberattack on the City…
Ca: Brookfield Residential confirms ransomware attack
As DataBreaches.net reported earlier today, although DarkSide ransomware operators claimed to have attacked Brookfield Asset Management, they appear to have attacked Brookfield Residential, a North American land developer and residential home builder. Brookfield Residential is an independently operating portfolio company that runs on an isolated network and domain from all other Brookfield entities, including Brookfield…