Dan Goodin reports on yet another sinister development involving ransomware attacks and strains: A ransomware strain discovered last month and dubbed Ekans contains the usual routines for disabling data backups and mass-encrypting files on infected systems. But researchers at security firm Dragos found something else that has the potential to be more disruptive: code that…
Category: Malware
Genesis market 2020 overview, a bazaar for buying data out of compromised computers.
Under The Breach explains: A group of sophisticated hackers team up to sell the data of computers they managed to infect. The site began operating around the beginning of 2019 and only let users with an invitation code join (it maintains this exclusivity until today). To find a person who has invitation codes is…
More Maze Team victims are revealed
A few developments concerning ransomware attacks by Maze Team:
Crossroads Technologies notifies a covered entity about ransomware attack
I think I finally have some information on the Crossroads attack claimed by Maze Team on their site. So far, no one — not Crossroads Technologies and not CrossroadsNet have answered my repeated inquiries, despite the fact…
Fondren Orthopedic Group notifies patients after malware incident destroyed patient records
Fondren Orthopedic Group in Texas is notifying patients of Dr. K. Matthew Warnock of a malware incident on November 21, 2019. The attack corrupted and permanently damaged some patients’ records, but there was no evidence that any other records were accessed and copied or exfiltrated. According to their notice to HHS, they are notifying 30,049…
Winnti Group targeting universities in Hong Kong
Mathieu Tartare writes: In November 2019, we discovered a new campaign run by the Winnti Group against two Hong Kong universities. We found a new variant of the ShadowPad backdoor, the group’s flagship backdoor, deployed using a new launcher and embedding numerous modules. The Winnti malware was also found at these universities a few weeks…
Three suspects arrested in Maltese bank cyber-heist
Catalin Cimpanu reports: British police have arrested yesterday three individuals that they believe are involved in the February 2019 hack of Bank of Valletta (BOV), one of Malta’s biggest banks. National Crime Agency (NCA) officers arrested two males, aged 22 and 17, in London, and a third suspect, a 39-year-old male in Belfast, Northern Ireland….