Microsoft's security team revealed a new ransomware that is deployed in human-operated attacks. It uses "brute force" against a target company's systems management server, and has mainly targeted the healthcare sector amid the COVID-19 crisis. According to a series of tweets published by the tech giant on May 27, the human-operated ransomware attack, named "PonyFinal", requires hackers to break the security scheme of corporate networks in order to deploy the ransomware manually. That means PonyFinal doesn't rely on tricking the users into launching the payload through phishing links or emails. A Java-based ransomware attack The Java-based PonyFinal deploys a …
A study unveiled on May 28 by the National Police of Colombia shows that ransomware attacks are a rising trend across the country. The report notes that 30% of all ransomware attacks within Latin America have specifically targeted Colombia. The report, made in alliance with Cisco, McAfee, Microsoft, Absolute, Fortinet, and Claro, states that the threat of ransomware in Colombia is “underestimated.” Colombia is followed by Peru (16%), Mexico (14%), Brazil (11%), and Argentina (9%), with SMEs being the preferred targets of cybercriminals. The study shows that 83% of companies in the country lack response protocols …
Educational services across the globe have been witnessing a surge in ransomware attacks in 2020. According to Verizon’s 2020 Data Breach Investigation Report, ransomware attacks account for approximately 80% of all cyberattacks suffered. The data suggests 92% of these incidents were motivated by financial reasons, while only 3% aimed to perform espionage activities on businesses operating within education. A sharp increase in ransomware attacks since 2019 Ransomware attacks are growing at an alarming rate. Currently accounting for an overwhelming majority of all cyberattacks, ransomware was just 48% of the whole during 2019. Phishing is partially to blame here — ransomware …
A new study warns of a new ransomware attack method that runs a virtual machine on target computers in order to infect them with the ransomware. This may place the attack beyond the reach of the computer’s local antivirus software. According to the UK-based cybersecurity firm Sophos, the Ragnar Locker attack is quite selective when choosing its victims. Ragnar’s targets tend to be companies rather than individual users. Almost 1,850 BTC in ransom demanded in a single attack Ragnar Locker asks victims for large amounts of money to decrypt their files. It also threatens to release sensitive data if users …
A new type of ransomware attack emerged in recent months, raising red flags among the cybersecurity community and authorities such as the FBI in the United States. Cybersecurity firm Group-IB has warned that it comes in the form of a Trojan, according to a report published on May 17. According to Group-IB’s study, the ransomware is known as ProLock and relies on the Qakbot banking trojan to launch the attack and asks the targets for six-figure USD ransoms paid out in BTC to decrypt the files. The roster of victims includes local governments, financial, healthcare and retail organizations. Among them, …
Ransomware group Maze claims to have hacked United States egg producer Sparboe in a post on its website. The website of cybercriminal organization Maze recently published a new entry claiming that the group hacked Sparboe. The post includes sample data that the group claims was stolen from the company. Maze: A major cybercrime organization Threat analyst at cybersecurity firm Emsisoft Brett Callow told Cointelegraph that in every hack by Maze so far, the group asked for a ransom in Bitcoin (BTC). There also appears to be no particularly easy and focused way to protect companies from such hacks, as the …
Coming every Sunday, Hodler’s Digest will help you track every single important news story that happened this week. The best (and worst) quotes, adoption and regulation highlights, leading coins, predictions and much more — a week on Cointelegraph in one link. Top Stories This Week Bitcoin price charts hint at the most exciting breakout in over a year The halving has been and gone — and so far, it hasn’t been the cataclysmic event that some in crypto circles feared. Some market analysts have now set their sights on what will happen next. Cointelegraph’s Keith Wareing says Bitcoin is on …
The ransomware gang that stole almost 1 terabyte of legal secrets from the biggest names in the entertainment industry is now demanding $42 million in cryptocurrency or else it will expose United States President Donald Trump's “dirty laundry.” The gang has already released a 2-gigabyte trove of legal documents marked "Lady Gaga" and fired the link to media outlets including Cointelegraph, which broke the news last week about the attack on New York law firm Grubman Shire Meiselas & Sacks. The law firm has clients that include Elton John, Robert DeNiro and Madonna. The gang hacked and encrypted the firm’s …
International crime-fighting organization, Interpol, joined forces with cybersecurity firm, Kaspersky, to launch a campaign called “Anti-Ransomware Day”. The date is set on the third anniversary of the most significant ransomware attack on record, WannaCry. According to the announcement, the May 12 holiday will raise awareness about the effects of ransom-centric cyberattacks which continue to affect people and businesses all over the world. A study revealed by Kaspersky reported that until October 2019, WannaCry held the title of the most significant ransomware attack ever executed. Companies affected by WannaCry attacks suffered losses averaging $1.46 million. Other expenses affect the targeted companies …
The private legal affairs of dozens of the world's biggest music and movie stars — Lady Gaga, Elton John, Robert DeNiro, and Madonna among them — are at risk of exposure following a ransomware attack on a high profile New York entertainment law firm. Grubman Shire Meiselas & Sacks have reportedly been hit by the REvil ransomware (also known as Sodinokibi), with the attackers threatening to release up to 756GB of stolen data in nine staged releases. The stolen data includes confidential contracts, telephone numbers, email addresses, personal correspondence, non-disclosure agreements and more. The ransom amount demanded is not available, …
Hackers infected the IT infrastructure of the largest private hospital in Europe with ransomware. Cybersecurity news outlet KrebsOnSecurity reported on May 6 that hackers compromised the IT systems of Germany-based private hospital Fresenius. An anonymous source reportedly informed the outlet that the hospital’s systems were infected by the ransomware known as Snake. The ransomware in question was discovered earlier this year, and is being actively used to target large businesses. Fresenius spokesperson Matt Kuhn reportedly confirmed to KrebsOnSecurity that the hack took place: “I can confirm that Fresenius’ IT security detected a computer virus on company computers. [...] As a …
A cybercrime group recently infected two plastic surgery studios with ransomware. They subsequently leaked patients’ social security numbers and other sensitive information onto the internet. Emsisoft threat analyst Brett Callow told Cointelegraph on May 5 that Maze recently took credit for hacking a plastic surgeon named Kristin Tarbet. They also claim to have hacked the Ashville Plastic Surgery Institute. He explained that in Tarbet’s case, the hackers have already leaked highly sensitive data: “The data that has been posted included names, addresses, social security numbers as well as what appears to be before and after photos and photos taken during …