Zack Whittaker reports: Kimchuk, a medical and military electronics maker, has been hit by data-stealing ransomware, TechCrunch has learned. The Danbury, Conn.-based manufacturer, which builds electronics for medical equipment, telecoms systems and energy grids, also makes nuclear modules for the Navy, work that often requires security clearance. Read more on TechCrunch.
Category: Malware
Three More Ransomware Families Create Sites to Leak Stolen Data
Lawrence Abrams reports that three more ransomware families have adopted the model of using websites to leak victims’ data if they don’t pay extortion demands: Nefilim Ransomware has launched a site called “Corporate Leaks” CLOP Ransomware — the team behind the Maastricht University attack — has also released a leak site called “>_CL0P^_- LEAKS” and…
Never-before-seen attackers are targeting Mideast industrial organizations
Dan Goodin reports: Researchers have unearthed an attack campaign that uses previously unseen malware to target Middle Eastern organizations, some of which are in the industrial sector. Researchers with Kaspersky Lab, the security firm that discovered the campaign, have dubbed it WildPressure. Read more on Ars Technica.
SC: Bluffton Township Fire District systems attacked with ransomware
I had missed this ransomware incident report last week from Marah Brock: On March 15, the Bluffton Township Fire District’s electronic systems were hacked. Officials said in a press release that during the day personnel reported district-wide issues accessing server information, reporting systems and everyday computer programs. Read more on Fox28media. They do not report…
Ameren Missouri Equipment Supplier Targeted In Ransomware Attack
Shahla Farzan reports: Ransomware attackers have stolen data from a third-party vendor that supplies utility equipment to Ameren Missouri power plants. Dozens of data files from Ohio-based LTI Power Systems appeared on a ransomware server in late February, including equipment diagrams and schematics from two Ameren Missouri facilities. No customer information appears to have been…
UK medical firm poised for work on coronavirus had been hit by Maze ransomware
Bill Goodwin has an important update on the Maze ransomware group’s attack on a London entity that does clinical pharmacology testing. I had blogged about the attack on this entity after Maze went back on their public pledge to stop all activity against the medical sector. Although Maze had attacked the facility before their pledge,…