Marco A. De Felice (aka @amvinfe) had a bird’s eye view of negotiations between a Brazilian credit recovery and financial solutions firm and the Hive ransomware team. He also got to track the victim’s payment over wallets. Reading his partial transcript from the negotiations, the victim quickly went from an offer of $50k — an…
Category: Malware
Vanuatu officials turn to phone books and typewriters, one month after cyber attack
At the end of October, the tiny South Pacific archipelago of Vanuatu was hit by a cyberattack with devastating consequences. They officially acknowledged the incident as an attack on November 5. Now, almost a month later, they are still struggling to recover. Christopher Cottrell reports: One month after a cyber-attack brought down government servers and…
Hackers are locking out Mars Stealer operators from their own servers
Zack Whittaker reports: A security research and hacking startup says it has found a coding flaw that allows it to lock out operators of the Mars Stealer malware from their own servers and release their victims. Mars Stealer is data-stealing malware as a service, allowing cybercriminals to rent access to the infrastructure to launch their…
De: Klinikum Lippe hospital decrypts data after “intensive negotiations” with ransomware attackers
The Klinikum Lippe describes itself as one of the largest municipal hospitals in Germany and part of the University Hospital OWL of the University of Bielefeld. On November 17, they detected a significant cyberattack that impacted all three of their locations: Detmold, Lemgo, and Bad Salzuflen. From its own statements, it appeared that the hospital…
Sandworm gang launches Monster ransomware attacks on Ukraine
Jeff Burt reports: The Russian criminal crew Sandworm is launching another attack against organizations in Ukraine, using a ransomware that analysts at Slovakian software company ESET are calling RansomBoggs. In a Twitter thread, the ESET researchers wrote that they had detected RansomBoggs deployed within the networks of “multiple organizations in Ukraine.” While some aspects of RansomBoggs…
One Brooklyn Health System offline for more than one week — has it been hit with ransomware?
If it sounds like a ransomware attack and they won’t tell you what’s going on for more than one week, I think ransomware sounds like a reasonable guess, and DataBreaches understands why some people are suggesting that. On November 25, The City reported: The computer network system at a major Brooklyn hospital network has been…