Mark Rasch writes about a fourth option for ransomware victims in terms of response: … what happens in the case where you are able to identify—either by name, location, computer, IP address, MAC address or otherwise—the individual(s) responsible for the ransomware, extortionware or electronic demand for payment? Right now, a ransomware victim has few options….
Category: Malware
US Government warns of BlackMatter ransomware attacks against critical infrastructure
Graham Cluley writes: The US Government has issued an alert to organisations about the threat posed by the BlackMatter ransomware group. The government’s Cybersecurity & Infrastructure Security Agency (better known as CISA) issued the advisory earlier this week, following a series of BlackMatter ransomware attacks since July 2021 targeting US critical infrastructure, including two American organisations working…
DarkSide ransomware gang moves some of its Bitcoin after REvil got hit by law enforcement
Catalin Cimpanu reports: The operators of the Darkside and BlackMatter ransomware strains have moved a large chunk of their Bitcoin reserves after news broke that fellow ransomware gang REvil had its servers taken over by a coalition of law enforcement agencies. Approximately 107 BTC ($6.8 million) were moved earlier today, according to Omri Segev Moyal, CEO…
FIN7 Recruits Talent For Push Into Ransomware
There’s a fascinating blog post out today by Gemini Advisory. Here are just the key findings to give you a sense of it all: The cybercriminal group FIN7 has been responsible for large-scale card theft campaigns, resulting in the exposure of over 20 million payment card records, as well as ransomware attacks. Gemini has discovered…
Indiana orthopedics practice becomes a victim of a ransomware attack
I hate to see medical entities become victims of ransomware attacks, but if they do, then I’m glad to see them promptly alert patients to any problems. Central Indiana Orthopedics is a positive example of prompt alerting. The following notice appears on their web site: IMPORTANT ANNOUNCEMENT: We regret to inform you that Central Indiana…
Olympus US and Sinclair Broadcast Group hacks tied to sanctioned Russian ransomware group
Zack Whittaker and Carly Page report: An “ongoing” cyberattack against the Japanese technology giant Olympus was caused by a Russian ransomware group sanctioned by the U.S. government, according to two people with knowledge of the incident. A new malware variant known as Macaw was used in the attack that began on October 10, which encrypted Olympus’…