John Bresnahan, Anna Palmer, and Jake Sherman report that iConstituent, a vendor providing an e-newsletter system used by many members of Congress for constituent outreach, was the victim of a ransomware attack. The attack has reportedly impacted approximately 60 members of the House from both parties, who have been unable to retrieve constituent information for…
Category: Malware
From QBot…with REvil Ransomware: Initial Attack Exposure of JBS
Vitali Kremez & Yelisey Boguslavskiy write: During the first week of June 2021, two major corporations were attacked by a ransomware group. JBS, the largest meat producer in the world, was hit on May 30, with the attack targeting the North American and Australian IT systems. Fujifilm, a Japanese multinational conglomerate was likely hit between…
Exchange Servers Targeted by ‘Epsilon Red’ Malware
Elizabeth Montalbano reports: REvil threat actors may be behind a set of PowerShell scripts developed for encryption and weaponized to exploit vulnerabilities in corporate networks, the ransom note suggests. Threat actors have deployed new ransomware on the back of a set of PowerShell scripts developed for making encryption, exploiting flaws in unpatched Exchange Servers to…
Department of Justice Seizes $2.3 Million in Cryptocurrency Paid to the Ransomware Extortionists Darkside
WASHINGTON – The Department of Justice today announced that it has seized 63.7 bitcoins currently valued at approximately $2.3 million. These funds allegedly represent the proceeds of a May 8, ransom payment to individuals in a group known as DarkSide, which had targeted Colonial Pipeline, resulting in critical infrastructure being taken out of operation. The…
Anti-ransomware biz ExaGrid ‘paid $2.6m ransomware demand’
Chris Mellor reports: Computer storage supplier ExaGrid has attempted to downplay a report that it paid nearly $3m to criminals who infected its corporate network with ransomware. ExaGrid supplies backup disk storage equipment that features so-called retention time-lock technology with immutable deduplication objects. This is supposed to thwart ransomware attacks in which malware infects not just an…
Jp: Fujifilm refuses to pay ransomware demand, restores network from backups
Robert Scammell reports: Japanese multinational conglomerate Fujifilm said it has refused to pay a ransom demand to the cyber gang that attacked its network in Japan last week and is instead relying on backups to restore operations. The company’s computer systems in the US, Europe, the Middle East and Africa are now “fully operational and…