We also stop all activity versus all kinds of medical organizations until the stabilization of the situation with virus. — Maze Team, March 18, 2020. Three days after issuing a press release claiming that they would stop all activity against all kinds of medical organizations, Maze Team appears to have gone back on its word….
Category: Malware
Town of Houlton Police discloses malware attack — again.
On March 17, the Town of Houlton, Maine disclosed that they had experienced a malware attack. According to their disclosure, on October 16, 2019, they discovered that part of their network had been locked up by a virus that prevented access to files. The department was able to quickly restore from backup, and claim that…
Sodinokibi Ransomware Data Leaks Now Sold on Hacker Forums
Lawrence Abrams reports: … Recently, the Sodinokibi Ransomware operators published over 12 GB of stolen data allegedly belonging to a company named Brooks International for not paying the ransom. Read more on BleepingComputer.
Ransomware attackers pledge to back off attacking medical entities during pandemic
“We’re all in this together” took on new meaning yesterday when a ransomware gang published a statement saying that they were offering their victims (whom they refer to as “partners”) discounts. And in response to an inquiry by Lawrence Abrams of Bleeping Computer, Maze Team also committed to not attacking medical entities during this pandemic…
France warns of new ransomware gang targeting local governments
Catalin Cimpanu reports on a new ransomware threat to local governments. France’s cybersecurity agency sounded the alarm. The alert, issued by France’s CERT team, points to a rising number of attacks carried out with a new version of the Mespinoza ransomware strain, also known as the Pysa ransomware. This ransomware strain was first spotted making victims last…
New Nefilim Ransomware Threatens to Release Victims’ Data
Lawrence Abrams reports: A new ransomware called Nefilim that shares much of the same code as Nemty has started to become active in the wild and threatens to release stolen data. Nefilim became active at the end of February 2020 and while it not known for sure how the ransomware is being distributed, it is…