Marco A. De Felice has a post about AvosLocker that is in both Italian and English, in different parts. The English part is a bit of an interview or chat Marco had with their spokesperson. They use the opportunity to explain how superior they believe their new variant, .avos2, is. You can read it all on…
Category: Malware
Missouri Delta Medical Center silent about patient data dump and claimed ransomware attack
“Full ICU at Missouri Delta Medical Center, workers scramble to keep up with COVID-19 surge,” a headline informed us earlier this week. And if they weren’t struggling enough already, it appears that Missouri Delta Medical Center (MDMC) might also be dealing with a ransomware attack by Hive threat actors. So far, however, MDMC has been…
NY: Rehabilitation Support Services notifies clients and employees of data breach
In July, DataBreaches.net reported that threat actors calling themselves “Grief” claimed to have attacked NY-based Rehabilitation Support Services (RSS), an agency that provides services to more than 3,000 individuals with psychiatric and substance abuse disorders each year. Grief claimed to have exfiltrated 4 GB of data from RSS, and offered some small proof of claim. For…
All of Desert Wells Family Medicine patients’ electronic health records were corrupted and unrecoverable from ransomware attack
On August 30, HHS added Queen Creek Medical Center d/b/a Desert Wells Family Medicine in Arizona to its public breach tool. The entity had reported that 35,000 patients were impacted by a breach involving a hack of the network. We now have more details on that incident available thanks to a public disclosure of their…
New .avos2 variant: AvosLocker affiliate extorts $85k from victim thanks to old vulnerability in FortiGate VPN
Marco A. De Felice reports: An affiliate of the AvosLocker ransomware group extorts $85,000 in bitcoin from a company thanks to a known vulnerability in FortiGate VPN (CVE-2018-13379). A vulnerability that the American multinational had corrected THANKS TO AN UPDATE released IN NOVEMBER 2019. Those who have not updated their systems are a small company that…
Th: Hospital hack prompts call for cooperation
Wassayos Ngamkham has some interesting follow-up reporting on the recent attack on Phetchabun Hospital. That hospital and Bhumirajanagarindra Kidney Institute Hospital, both in Thailand, have been recently attacked, with the latter attack interfering with patient services. The Cyber Crime Investigation Bureau (CCIB)’s preliminary investigation reportedly: showed that a group of Indian hackers was behind the…