Eric Geller reports: A Russian ransomware gang on Friday threatened to hack the critical infrastructure of any nation or organization that retaliates against Moscow for its invasion of Ukraine, according to a statement shared by cybersecurity researchers. Read more at Politico. Here is Conti’s “Warning,” as posted on their site (the following appears to be a revision…
Category: Malware
KS: Hays schools hacked with ransomware
I seem to have missed this report that appeared on February 17. Preston Burrows reported on a Kansas school district incident: On Thursday, Hays USD 489 experienced a cyberattack on its systems with ransomware. This type of cyberattack locks users out of their systems and only returns access once the requested ransom is paid. Many…
Russian hackers infect network devices with new botnet malware
Dan Goodin reports: Hackers for one of Russia’s most elite and brazen spy agencies have infected home and small-office network devices around the world with a previously unseen malware that turns the devices into attack platforms that can steal confidential data and target other networks. Cyclops Blink, as the advanced malware has been dubbed, has…
Ransomware extortion doesn’t stop after paying the ransom
Who would have thought that criminals might lie? Where’s my shocked face? Bill Toulas reports on findings from a survey by Venafi. Here is some of what they found: 83% of all ransomware victims who paid the requested amount were extorted again, twice, or even three times. 18% of victims who paid the ransom still…
One year later, Minimally Invasive Surgery of Hawaii notifies patients of ransomware incident
A notification letter template that showed up on the California Attorney General’s site this week is dated “February 19, 2021.” I assume the 2021 is a typo based on the rest of the letter. The letter from Orthopedic Associates of Hawaii (OAH) begins (emphasis added by this site): Orthopedic Associates of Hawaii, All Access Ortho…
Conti ransomware gang takes over TrickBot malware operation
Ionut Ilascu reports: After four years of activity and numerous takedown attempts, the death knell of TrickBot has sounded as its top members move under new management, the Conti ransomware syndicate, who plan to replace it with the stealthier BazarBackdoor malware. TrickBot is a Windows malware platform that uses multiple modules for various malicious activities,…