Wright & Filippis, a well-known orthotics and prosthetics provider in Michigan, issued a press release yesterday about a cyberattack between January 26 and January 28, 2022. While the press release is not specific about the nature of the attack, a companion FAQ indicates that the attack resulted in the deployment of ransomware. Wright & Filippis…
Category: Malware
New AxLocker ransomware encrypts files, then steals your Discord account
Bill Toulas reports: The new ‘AXLocker’ ransomware family is not only encrypting victims’ files and demanding a ransom payment but also stealing the Discord accounts of infected users. When a user logs into Discord with their credentials, the platform sends back a user authentication token saved on the computer. This token can then be used…
Pointer: SuspectFiles interviews Venus ransomware group
Over on SuspectFile, Marco A. De Felice has written up an interview with Venus, a relatively new group in the ransomware landscape. You can read the interview here in both English and Italian. I found Venus’s answers to be a bit confusing at times, but some things do become clear from the interview — they…
AirAsia victim of ransomware attack, passenger and employee data acquired
AirAsia Group* pledges to be responsible when gathering personal information and to protect privacy “in every possible way.” That’s not a contract, mind you, but just an expression of their commitment. On November 11 and 12, AirAsia Group fell victim to a ransomware attack by Daixin Team. The threat actors, who were the topic of…
Gateway Rehab issues notice about June ransomware incident
On July 8, DataBreaches reported that Gateway Rehab in Pennsylvania had apparently become the victim of a ransomware attack by Blackbyte. DataBreaches’s report included redacted screenshots of files sensitive protected health information that had been leaked on the threat actors’ leak site. Gateway had not responded to inquiries from this site nor posted any notice on…
San Gorgonio Memorial Hospital Back Online After Malware Attack
Toni McAllister reports: A six-day shutdown of electronic health records at San Gorgonio Memorial Hospital was due to a malware attack that remains under investigation by a team of forensics professionals, according to SGMH CEO Steve Barron. The attack occurred Nov. 10 and all systems at the 600 N. Highland Springs Avenue campus were back…