The following is not a paragraph from a story about fictional cybercriminals called Evil Corp. The following paragraph is from a white paper released this week by the U.S. Department of Health & Human Services because there is a criminal enterprise known as Evil Corp that poses a serious threat to the healthcare sector. Typographical…
Category: Malware
Cuba Ransomware Team claims credit for attack on Montenegro
When Montenegro claimed Russian hackers attacked them, most of us probably didn’t think about the Cuba ransomware team, but the Cuba group claimed credit for the attack. According to their listing, they received the files on August 19. Their wording may sound puzzling in saying that they “received” the files, but that’s consistent with other…
That ‘clean’ Google Translate app is actually Windows crypto-mining malware
Jeff Burt reports: Watch out: someone is spreading cryptocurrency-mining malware disguised as legitimate-looking applications, such as Google Translate, on free software download sites and through Google searches. The cryptomining Trojan, known as Nitrokod, is typically disguised as a clean Windows app and works as the user expects for days or weeks before its hidden Monero-crafting…
New Golang Ransomware Agenda Customizes Attacks
Mohamed Fahmy, Nathaniel Gregory Ragasa, Earle Maui Earnshaw, Bahaa Yamany, Jeffrey Francis Bonaobra, and Jay Yaneza write: We recently discovered a new piece of targeted ransomware that was created in the Go programming language and that explicitly targeted one of our customers. This was evidenced by the specific email addresses and credentials the ransomware used. Malware written in…
EmergeOrtho notifying 75,200 patients about ransomware incident
EmergeOrtho in North Carolina has started sending notification letters to patients whose protected health information may have been accessed during a ransomware attack in May. According to a notification template seen by DataBreaches, EmergeOrtho discovered and blocked a ransomware attack on May 18. Their letter does not specifically state whether any files were encrypted, and…
New York medical practices hit by “Bl00dy Ransomware Gang”
Is “Bl00dy Ransomware Gang” a new ransomware group on the scene, a rebrand, or neither? In July, a new channel appeared on Telegram called the “Bl00dy Ransomware Gang.” In August, information about alleged victims started to appear. So far, the gang has leaked some data allegedly from three victims in two incidents. In each case,…