Is “Bl00dy Ransomware Gang” a new ransomware group on the scene, a rebrand, or neither? In July, a new channel appeared on Telegram called the “Bl00dy Ransomware Gang.” In August, information about alleged victims started to appear. So far, the gang has leaked some data allegedly from three victims in two incidents. In each case,…
Category: Malware
NHS cyberattack causing ‘total chaos’ in hospitals could take a year to recover
Rebecca Thomas reports: It could take more than a year for hospitals to recover patient record systems following the recent NHS cyberattack, The Independent has learned. Hospitals impacted are likely to need two weeks to recover for every day the situation goes unresolved, according to NHS sources. While initial attention following the ransomware attack on Advantage software was its impact on…
A confusing data dump from Vice Society
Attacking entities that try to save lives or provide health care seems despicable to most people—and attacking a hospice? That may seem especially vile. Vice Society recently added two victims to their dedicated leak site: BSA Hospice of the Southwest and Family Medicine Centers/FMC Clinics. Both are Texas entities. But were both actually attacked by…
San Diego American Indian Health Center: over 27,000 people are affected by data theft
Marco A. De Felice reports: 27,367 people, including patients and healthcare / administrative staff, were affected by the theft of sensitive data after the ransomware-type cyber attack last May 5 at the San Diego American Indian Health Center (“SDAIHC”) in the state of California. Recall that, among the people involved in the theft of their sensitive data, there…
New ‘Donut Leaks’ extortion gang linked to recent ransomware attacks
Lawrence Abrams reports: A new data extortion group named ‘Donut Leaks’ is linked to recent cyberattacks, including those on Greek natural gas company DESFA, UK architectural firm Sheppard Robson, and multinational construction company Sando. […] Strangely, the data for these victims have now appeared on the data leak site for a previously unknown extortion gang…
HC3: Analyst Note: Karakurt Threat Profile
HC3: Analyst Note TLP: White Report: 202208241200 Executive Summary Karakurt ransomware group, also known as the Karakurt Team and Karakurt Lair, is a relatively new cybercrime group, with researchers reporting its first emergence in late 2021. Karakurt actors claim to steal data and then threaten to auction it off or release it to the public…