Sergiu Gatlan reports: The operators behind Sodinokibi Ransomware published download links to files containing what they claim is financial and work documents, as well as customers’ personal data stolen from giant U.S. fashion house Kenneth Cole Productions. Sodinokibi (aka REvil) is a Ransomware-as-a-Service operation where the operators manage development of the ransomware and the payment portal used…
Category: Malware
UK: Ransomware attack leaves council facing huge bill to restore services
Helen Pidd and Gregory Robinson report: A council in the north-east of England has admitted that it has suffered a cyber-attack that has disabled its IT servers for the past three weeks, leaving it with a steep bill and concerns among residents that their local government infrastructure is “in danger of collapse”. One Redcar and…
Ryuk Ransomware Attack in Florida Forces Prosecutor to Drop Charges in Drug Cases
Silviu Stahie reports: A ransomware attack against the police department in Stuart, Florida last year had an unexpected consequence; the police officers had to drop several cases after losing important evidence. Read about it on Hot for Security. The story was first reported by WPTV.
Nemty Ransomware Actively Distributed via ‘Love Letter’ Spam
Sergiu Gatlan reports: Security researchers have spotted an ongoing malspam campaign using emails disguised as messages from secret lovers to deliver Nemty Ransomware payloads on the computers of potential victims. The spam campaign was identified by both Malwarebytes and X-Force IRIS researchers and started distributing malicious messages yesterday via a persistent stream of emails. Read…
Ransomware Against the Machine: How Adversaries are Learning to Disrupt Industrial Production by Targeting IT and OT
Daniel Kapellmann Zafra, Keith Lunden, Nathan Brubaker, and Jeremy Kennelly of FireEye write: Since at least 2017, there has been a significant increase in public disclosures of ransomware incidents impacting industrial production and critical infrastructure organizations. Well-known ransomware families like WannaCry, LockerGoga, MegaCortex, Ryuk, Maze, and now SNAKEHOSE (a.k.a. Snake / Ekans), have cost victims…
Gadsden ISD has shut down its internet system due to ransomware
KTSM reports: Gadsden Independent School District (GISD) shut down its internet and communication systems, affecting all schools and support service locations, after identifying a virus that may have infected the system yesterday. According to a news release, the disruption has been connected to a virus or ransomware identified as RYUK. Read more on KTSM.