Ransomware and Recent Variants

Discussion in 'malware problems & news' started by ronjor, Mar 31, 2016.

  1. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    25,456
    The Week in Ransomware - January 31st 2020 - Taking it to The Courts
    January 31, 2020
    https://www.bleepingcomputer.com/ne...re-january-31st-2020-taking-it-to-the-courts/
     
  2. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    25,456
    London Offshore Consultants suffers ransomware attack
    January 31, 2020
    https://splash247.com/london-offshore-consultants-suffers-ransomware-attack/
     
  3. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    4,561
    Location:
    DC Metro Area
    "Maryland poised to criminalize ransomware possession

    A bill proposed by Maryland lawmakers to criminalize ransomware possession looks set to pass a year after a costly cyber-attack hit the state’s biggest city.

    The creation and distribution of malware for criminal purposes is illegal under current US legislation, however, merely possessing malware or ransomware is not.

    This new state bill, proposed...on January 13, would criminalize ransomware ownership with intent to cause harm..."

    https://portswigger.net/daily-swig/maryland-poised-to-criminalize-ransomware-possession
     
  4. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    25,456
    Maze Ransomware Hits Law Firms and French Giant Bouygues
    February 3, 2020
    https://www.infosecurity-magazine.com/news/maze-ransomware-law-firms-french/
     
  5. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    25,456
    Ransomware knocks city of Racine offline
    February 3, 2020
    https://www.scmagazine.com/home/security-news/ransomware/ransomware-knocks-racine-city-offline/
     
  6. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    25,456
    New ransomware with ‘.SaveTheQueen’ extension discovered by Varonis
    February 4, 2020
    https://www.information-age.com/new-ransomware-savethequeen-extension-discovered-varonis-123487551/
    Varonis: A Queen’s Ransom: Varonis Uncovers Fast-Spreading “SaveTheQueen” Ransomware
     
  7. FanJ

    FanJ Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    3,638
    Today there was a symposium by the university UM. The UM and Fox-IT told more about it.
    The symposium was only for guests but there was a live-stream:
    https://www.maastrichtuniversity.nl/um-cyber-attack-symposium-–-livestream
    (I assume you can later play it back, but I'm not sure about that).

    I don't know whether there are already English articles available; maybe they come later.
    Lots of Dutch sites have articles, in Dutch:
    https://nos.nl/artikel/2321732-hack...-maanden-in-netwerk-200-000-euro-betaald.html
    https://www.nu.nl/tech/6028600/univ...ijna-2-ton-losgeld-na-digitale-gijzeling.html
    https://www.security.nl/posting/642...esmet via phishingmail en verouderde software

    This evening Frank Groenewegen, security expert at Fox-IT, will be on Dutch TV, Nieuwsuur:
    https://nos.nl/nieuwsuur/artikel/2321700-de-uitzending-van-5-februari.html

    In short, what happened according to the above articles:
    It all started already on 15 and 16 October 2019 with phishing mails, pointing to a malicious document.
    There were two servers with unpatched OS.
    On 21 November the whole network was compromised: 267 servers and 2 workstations.
    The hacker needed to use a certain software to roll out the ransomware further. That was detected by an AV.
    The hacker then de-installed that AV.
    On 23 December the ransomware was rolled out.
    Backups were also encrypted.
    The UM paid about 197.000 euro (30 bitcoin).

    I hope that there will later be better articles in English than what I gave here in this short summary.
     
  8. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    25,456
    Mailto (NetWalker) Ransomware Targets Enterprise Networks
    February 5, 2020
    https://www.bleepingcomputer.com/ne...alker-ransomware-targets-enterprise-networks/
     
  9. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    25,456
    Tracker SA's systems hacked
    February 2, 2020
    https://www.dispatchlive.co.za/news/2020-02-02-tracker-sas-systems-hacked/
     
  10. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    25,456
    Tracker hack hints at more ransomware attacks in South Africa
    February 5, 2020
    https://www.itweb.co.za/content/LPp6VMr4YxNvDKQz/pXnWJadMba7bjO1e
     
  11. FanJ

    FanJ Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    3,638
    Some more info, mostly in Dutch:

    The livestream of the symposium (in Dutch) can be played back later.
    There is a big report from Fox-IT (in Dutch).

    https://www.maastrichtuniversity.nl/um-cyber-attack-symposium-–-lessons-learnt
    Fox-IT report in Dutch in .pdf format:
    https://www.maastrichtuniversity.nl/file/foxitrapportreactieuniversiteitmaastrichtpdf
    (BTW: I wonder whether they didn't forget the dot before the pdf extension in that link there)


    The Observant already has an article in Dutch:
    https://www.observantonline.nl/Home...-grote-morele-bezwaren-tegen-betaling-losgeld
    They are saying (at the moment) on their English version that more info will come later:
    https://www.observantonline.nl/Engl.../17954/Paid-ransom-confirmed-during-symposium
     
  12. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    25,456
    Ransomware suspected after CUNA, a credit union lobbyist, knocked offline
    February 5, 2020
    https://techcrunch.com/2020/02/05/cuna-ransomware-offline/
     
  13. FanJ

    FanJ Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    3,638
    About that ransomware and the UM:
    That article in English is ready in the meantime:
    https://www.observantonline.nl/Engl...reat-moral-objections-against-paying-a-ransom
     
  14. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    25,456
    Ransomware Exploits GIGABYTE Driver to Kill AV Processes
    February 6, 2020
    https://www.bleepingcomputer.com/ne...xploits-gigabyte-driver-to-kill-av-processes/
    Sophos: Living off another land: Ransomware borrows vulnerable driver to remove security software
     
  15. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    25,456
    Ryuk ransomware used to attack Volusia library computers, records show
    February 6, 2020
    https://www.news-journalonline.com/...ware-used-to-attack-volusia-library-computers
     
  16. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    25,456
    Allegheny Intermediate Unit investigates malware attack, avoids ransom payment
    February 6, 2020
    https://triblive.com/local/pittsbur...tigates-malware-attack-avoids-ransom-payment/
     
  17. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    25,456
    Translink systems "crippled" by hackers 'holding firm to ransom'
    It is understood a virus has infected the firm's intranet
    February 7, 2020

    https://www.belfastlive.co.uk/news/belfast-news/translink-systems-crippled-hackers-holding-17704725
     
  18. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    25,456
    The Week in Ransomware - February 7th 2020 - Exploiting Drivers
    February 7, 2020
    https://www.bleepingcomputer.com/ne...somware-february-7th-2020-exploiting-drivers/
     
  19. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    25,456
    North Miami Beach Affected By Cyber Attack
    February 7, 2020
    https://miami.cbslocal.com/2020/02/07/north-miami-beach-affected-by-cyber-attack/
     
  20. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    7,513
    Location:
    Among the gum trees
    Toll transport hack leaves customers demanding answers on parcel delivery delays
    https://www.abc.net.au/news/2020-02...es-customers-and-deliveries-in-limbo/11949036

     
  21. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    25,456
    Ransomware cripples Havre Public Schools computer system
    February 10, 2020
    https://www.missoulacurrent.com/business/2020/02/ransomware-havre-schools/
     
  22. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    25,456
    Ragnar Locker Ransomware Targets MSP Enterprise Support Tools
    February 10, 2020
    https://www.bleepingcomputer.com/ne...somware-targets-msp-enterprise-support-tools/
     
  23. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    12,942
    Location:
    Here
    Report: The cost of ransomware in 2020. A country-by-country analysis
    https://blog.emsisoft.com/en/35583/...omware-in-2020-a-country-by-country-analysis/
     
  24. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    25,456
    Nacogdoches ISD consults city of Garrison after recent ransomware attack
    February 12, 2020
    https://www.ktre.com/2020/02/12/nac...city-garrison-after-recent-ransomware-attack/
     
  25. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    12,942
    Location:
    Here
    Ransomware meets sextortion: this ransomware demands explicit pics to unlock your data
    https://blog.emsisoft.com/en/35679/...re-demands-explicit-pics-to-unlock-your-data/
     