One of the newer ransomware groups to open a leak site is “ThreeAM.” Bleeping Computer recently reported that the ThreeAM malware is written in Rust, and on at least one occasion, researchers discovered that when LockBit failed, ThreeAM (aka 3AM) was successfully deployed. Symantec has more details on the malware and the group’s methods. ThreeAM…
Category: Malware
Cyberattack on a Breton municipality: private data released
The following is a Google translation of a post originally published in French by Europe1 with AVP: The town of Betton (Ille-et-Vilaine), close to Rennes, was the victim of a cyberattack by hackers who disseminated personal data due to the municipality’s refusal to pay a “ransom”, according to corroborating sources. The “ransomware” attack was committed…
BlackCat ransomware hits Azure Storage with Sphynx encryptor
Sergiu Gatlan reports: The BlackCat (ALPHV) ransomware gang now uses stolen Microsoft accounts and the recently spotted Sphynx encryptor to encrypt targets’ Azure cloud storage. While investigating a recent breach, Sophos X-Ops incident responders discovered that the attackers used a new Sphynx variant with added support for using custom credentials. Read more at BleepingComputer.
Colombia Reports Cyberattack With Impact Across Latin America
The Defense Post reports: Colombia has reported a massive cyberattack affecting dozens of government websites and impacting countries across Latin America. Local media said Thursday that key websites — such as the justice, health, and culture ministries as well as several hospitals — had been affected by a ransomware attack. The presidency said in a…
Caesars Entertainment confirms ransom payment, customer data theft
Sergiu Gatlan reports: Caesars Entertainment, self-described as the largest U.S. casino chain with the most extensive loyalty program in the industry, says it paid a ransom to avoid the online leak of customer data stolen in a recent cyberattack. Caesars discovered on September 7th that the attackers stole its loyalty program database, which stores driver’s…
AlphV responds to MGM incident and sloppy reporting
AlphV has posted a statement about their attack on MGM Resorts. They also post some scathing criticisms of journalists and news outlets for reporting inaccurately and not verifying sources. Of note, their statement also asserts, “The ALPHV ransomware group has not before privately or publicly claimed responsibility for an attack before this point. Rumors were…