Bill Toulas reports: Taiwanese PC parts maker MSI (Micro-Star International) has been listed on the extortion portal of a new ransomware gang known as “Money Message,” which claims to have stolen source code from the company’s network. MSI is a global hardware giant that makes motherboards, graphics cards, desktops, laptops, servers, industrial systems, PC peripherals,…
Category: Malware
Noteboom – The Law Firm hit by BlackCat
On March 24, BlackCat emailed Noteboom – The Law Firm, a Texas personal injury law firm. The email, shared with DataBreaches by BlackCat, appeared to be sent from the firm’s own systems administrator, Paul Khong. With some light editing by DataBreaches to correct some typos, it read: This is [ALPHV] aka BlackCat Ransomware Team. We…
Illinois’s Olympia CUSD 16 hit by LockBit3.0
LockBit3.0 claims to have hit the Olympia CUSD 16 in Illinois. So far, they have posted 4 files as proof, one of which appears to be a screencap of a directory of folders that might relate to Olympia North, Olympia South, and students, and another file with employee health-related information. There does not appear to…
UnitedLex hit by d0nut ransomware team, 200 GB of corporate files leaked (update4)
The d0nut ransomware team seems to be ramping up their activity and leaks. Last week, they contacted DataBreaches about Montgomery General Hospital in West Virginia. Today, they reached out to this site about UnitedLex, a firm that describes itself as helping legal teams modernize “with a consultative framework that brings together legal subject matter expertise,…
New Money Message ransomware demands million dollar ransoms
Bill Toulas reports: A new ransomware gang named ‘Money Message’ has appeared, targeting victims worldwide and demanding million-dollar ransoms not to leak data and release a decryptor. The new ransomware was first reported by a victim on the BleepingComputer forums on March 28, 2023, with Zscaler’s ThreatLabz soon after sharing information on Twitter. Read more at BleepingComputer. As…
Rorschach – A new sophisticated and fast ransomware
Research by: Jiri Vinopal, Dennis Yarizadeh and Gil Gekker Key Findings: Check Point Research (CPR) and Check Point Incident Response Team (CPIRT) encountered a previously unnamed ransomware strain, we dubbed Rorschach, deployed against a US-based company. Rorschach ransomware appears to be unique, sharing no overlaps that could easily attribute it to any known ransomware strain. In addition, it…