Sergiu Gatlan reports: Clop ransomware leaked files stolen from U.S pharmaceutical company ExecuPharm after ransom negotiations allegedly failed. ExecuPharm is a contract research organization (CRO) that provides clinical research support services to companies from the pharmaceutical industry. The company has more than 18,000 global clinical operational specialists in its network and it is one largest…
Category: Malware
Ca: NTPC website apparently hijacked in what looks like a ransomware attack
Walter Strong reports: The Northwest Territories Power Corporation’s (NTPC) website went down Thursday afternoon, but some pages show what appears to be a ransomware message from unknown hackers. Some visitors to the website myntpc.ntpc.com were greeted with a text page that begins with: “Hi! Your files are encrypted by Netwalker.” Read more on CBC.ca
Report Finds Ransomware Crews Don’t Leave After Being Paid
Organized crews of cybercriminals that attacked health care organizations and other critical services with ransomware this month kept their access to victims’ networks even after ransoms were paid, new research released by Microsoft Corp. says. In a blog post published Tuesday, Microsoft’s Threat Protection Intelligence Team said it had identified “dozens” of ransomware attacks in the…
Unusual New Ransomware Does Not Demand Cryptocurrency
Jeff Francis reports: The last few years have seen ransomware attacks increase in frequency. Cities, businesses, schools, and even health care facilities have been targeted. A ransom in Bitcoin or other cryptocurrency is usually demanded by the hackers, but a new malware is taking a different tack and not asking for crypto at all. The new ransomware, called Black…
‘Smart’ parking meter vendor had data stolen in ransomware attack
Benjamin Freed reports: A company that sells “smart” parking meters and technology used by parking-enforcement agencies in cities around the world was recently the victim of a ransomware attack that also exposed some of its internal files on a website maintained by the hackers responsible. CivicSmart, a Milwaukee firm that sells parking meters capable of processing mobile…
Shade (Troldesh) ransomware shuts down and releases decryption keys
Catalin Cimpanu reports: The operators of the Shade (Troldesh) ransomware have shut down over the weekend and, as a sign of goodwill, have released more than 750,000 decryption keys that past victims can now use to decrypt their files. Security researchers from Kaspersky Lab have confirmed the validity of the leaked keys and are now working on creating a…