I’ve occasionally seen evidence that one victim was hit by more than one group or threat actor, but Sophos provides the most detailed reporting I’ve ever seen on one such incident. Sean Gallagher takes us through the saga that impacted a healthcare provider in Canada hit by two separate ransomware groups — Karma and Conti…
Category: Malware
Conti ransomware gang chats leaked by pro-Ukrainian member
Catalin Cimpanu reports: A member of the Conti ransomware group, believed to be Ukrainian of origin, has leaked the gang’s internal chats after the group’s leaders posted an aggressive pro-Russian message on their official site, on Friday, in the aftermath of Russia’s invasion of Ukraine. The message appears to have rubbed Conti’s Ukrainian members the…
JDC Healthcare Management issues second press release about malware incident last summer
On October 7, JDC Healthcare Management (Jefferson Dental Care) issued a press release concerning a malware incident discovered in August. At the time, they notified HHS that 501 patients were affected — a number that typically means “We know it’s more than 500 but we don’t have an exact count yet.” Today, they issued a…
Nvidia breached by attackers who seem shocked by hack-back
Ian King and William Turton report: A cyber breach suffered by Nvidia Corp. in recent days appears to have been a ransomware attack that’s not connected to the crisis in Ukraine, according to a person familiar with the incident. The hack looks to be relatively minor and not fueled by geopolitical tensions, said the person, who asked…
LA: Spine Diagnostic & Pain Treatment patient files show up on ransomware site
It looks like we may need to add Spine Diagnostic & Pain Treatment to our list of medical entities hit by ransomware groups. Conti Team added the Louisiana provider to their leak site earlier today, dumping 3,351 files that they claim represent 30% of all the files they exfiltrated. Inspection of the files, which compromised…
Conti ransomware group threatens retaliatory attacks on critical infrastructure of countries that attack Russia
Eric Geller reports: A Russian ransomware gang on Friday threatened to hack the critical infrastructure of any nation or organization that retaliates against Moscow for its invasion of Ukraine, according to a statement shared by cybersecurity researchers. Read more at Politico. Here is Conti’s “Warning,” as posted on their site (the following appears to be a revision…