“We’re all in this together” took on new meaning yesterday when a ransomware gang published a statement saying that they were offering their victims (whom they refer to as “partners”) discounts. And in response to an inquiry by Lawrence Abrams of Bleeping Computer, Maze Team also committed to not attacking medical entities during this pandemic…
Category: Malware
France warns of new ransomware gang targeting local governments
Catalin Cimpanu reports on a new ransomware threat to local governments. France’s cybersecurity agency sounded the alarm. The alert, issued by France’s CERT team, points to a rising number of attacks carried out with a new version of the Mespinoza ransomware strain, also known as the Pysa ransomware. This ransomware strain was first spotted making victims last…
New Nefilim Ransomware Threatens to Release Victims’ Data
Lawrence Abrams reports: A new ransomware called Nefilim that shares much of the same code as Nemty has started to become active in the wild and threatens to release stolen data. Nefilim became active at the end of February 2020 and while it not known for sure how the ransomware is being distributed, it is…
Hackers hit NutriBullet website with credit card-stealing malware
Zack Whittaker reports: Magecart hackers have struck again, this time targeting the NutriBullet website. According to new research by security firm RiskIQ, hackers broke into the blender maker’s website several times over the past two months, injected malicious credit card-skimming malware on its payment pages and siphoned off the credit card numbers and other personal data —…
PXJ Ransomware Campaign Identified by X-Force IRIS
Megan Roddie and Limor Kessem write: In a recent analysis from IBM’s X-Force Incident Response and Intelligence Services (IRIS), our team discovered activity related to a new strain of ransomware known as “PXJ” ransomware. This malware is also known as “XVFXGW” ransomware. The name PXJ is derived from the file extension that is appended to…
Maze Team statement ridicules security “experts” and IT administrators who try to cover up breaches
Those who have been watching Maze Team and other ransomware groups are already aware that Maze Team has quietly continued to actively attack entities. Those who do not pay their demands will likely find themselves listed on the threat actors’ website with some of their data publicly dumped for anyone who wants to download it….