Walter Strong reports: The Northwest Territories Power Corporation’s (NTPC) website went down Thursday afternoon, but some pages show what appears to be a ransomware message from unknown hackers. Some visitors to the website myntpc.ntpc.com were greeted with a text page that begins with: “Hi! Your files are encrypted by Netwalker.” Read more on CBC.ca
Category: Malware
Report Finds Ransomware Crews Don’t Leave After Being Paid
Organized crews of cybercriminals that attacked health care organizations and other critical services with ransomware this month kept their access to victims’ networks even after ransoms were paid, new research released by Microsoft Corp. says. In a blog post published Tuesday, Microsoft’s Threat Protection Intelligence Team said it had identified “dozens” of ransomware attacks in the…
Unusual New Ransomware Does Not Demand Cryptocurrency
Jeff Francis reports: The last few years have seen ransomware attacks increase in frequency. Cities, businesses, schools, and even health care facilities have been targeted. A ransom in Bitcoin or other cryptocurrency is usually demanded by the hackers, but a new malware is taking a different tack and not asking for crypto at all. The new ransomware, called Black…
‘Smart’ parking meter vendor had data stolen in ransomware attack
Benjamin Freed reports: A company that sells “smart” parking meters and technology used by parking-enforcement agencies in cities around the world was recently the victim of a ransomware attack that also exposed some of its internal files on a website maintained by the hackers responsible. CivicSmart, a Milwaukee firm that sells parking meters capable of processing mobile…
Shade (Troldesh) ransomware shuts down and releases decryption keys
Catalin Cimpanu reports: The operators of the Shade (Troldesh) ransomware have shut down over the weekend and, as a sign of goodwill, have released more than 750,000 decryption keys that past victims can now use to decrypt their files. Security researchers from Kaspersky Lab have confirmed the validity of the leaked keys and are now working on creating a…
Zaha Hadid Architects held to ransom by cyberhacker
Will Ing reports: A computer hacker has attempted to extort money from Zaha Hadid Architects (ZHA) after breaking into its servers and stealing confidential information The practice was attacked by ransomware – a type of malicious software – which remotely accessed a computer at its London office earlier this month. ZHA alerted police on Tuesday…