AP reports: Two branches of a Tennessee city’s emergency services have been hit by ransomware as part of a worldwide malware attack that began in May. […] Norville says most of the affected data is not retrievable, and it is unclear if any significant files have been lost. Two file servers and 19 computers within…
Category: Malware
Hackers Linked to NotPetya Ransomware Decrypted a File For Us
Joseph Cox and Lorenzo Franceschi-Bicchierai report: Hackers linked to the crippling NotPetya ransomware attack, which encrypts files on infected machines, have proved to Motherboard they have the ability to decrypt some locked files. Security researchers have spent much of the last week debating whether victims of NotPetya will ever get their files back, with many…
While investigating one ransomware attack, Walnut Place hit with second attack
On May 12, I posted a press release from Walnut Place about a ransomware attack that had occurred in January. Their press release did not disclose that they had become aware of a second ransomware attack on May 6. A new press release, dated today, does: On March 13, 2017, Walnut Place leadership was informed…
Two charged with running hacking service used in ‘major computer intrusions’ of U.S. businesses
Rachel Weiner reports: Two men from Latvia ran a malware service that has been in operation for more than a decade and used in major attacks against U.S. businesses, according to an indictment unsealed Wednesday in federal court in Alexandria, Va. The men, along with an alleged co-conspirator in Virginia, designed a buffet of hacking…
Hackers Connected to NotPetya Ransomware Surface Online, Empty Bitcoin Wallet
Lorenzo Franceschi-Bicchierai reports: Hackers connected to the disruptive world-wide ransomware attack that crippled Ukraine and hit computers all over the world have surfaced online. Bitcoin sent to the hackers by victims has been moved from an online wallet, and someone seemingly connected to the group is now asking for more money. On June 28, unknown…
So many notifications due to ransomware, but are these really necessary?
Another entity has recently notified patients whose protected health information was on a server infected with ransomware. Once again, even though investigation turned up no evidence that any patient’s PHI was actually accessed or exfiltrated, entities are notifying – on the side of caution and/or because HHS requires them to in the absence of firm…