A group of hackers dubbed Maze claims to have compromised the infrastructure of Banco BCR, a Costa Rican state-owned bank, and is now threatening to leak millions of credit card numbers. On April 30, Maze claimed that it has scoped out the bank in August 2019: “According to Financial Institutions Protocol this bank had to notify other institutions about the security breach case. But nothing was made. Servers and workstations were not blocked. Private data was not secured. Anyway the Bank decided to conceal information about the breach. Though the security personnel were able to analyze the attack logs and …
A series of ransomware attacks over the past week affected medical care, hundreds of thousands of parcel deliveries during the pandemic — and even a lingerie manufacturer. Attackers are threatening to leak sensitive data if companies fail to make the required payments. ITNews reported that the Australian logistics giant Toll Group suffered its second ransomware attack so far this year, with a type of ransomware known as “Nefilim.” Toll Group had shut down its IT system after detecting “unusual activities.” The company — responsible for delivering many hundreds of thousands of parcels per day — confirmed that the Neflim ransomware …
Hackers have infected the infrastructure of Parkview Medical Center — the largest health center in Pueblo County, Colorado — with cryptocurrency ransomware. Citing a hospital employee, Fox News reported on April 24 that Meditech — the Parkview Medical Center’s system for storing patient information — was infected with ransomware and rendered inoperable. The hospital confirmed the incident in a statement: “On Tuesday, April 21, Parkview Medical Center was the target of a cyber-incident which has resulted in an outage in a number of our IT systems.” As Cointelegraph recently reported, ransomware attacks against hospitals are ongoing, despite the fall in …
A report from cybersecurity firm Check Point unveiled a new ransomware attack, where cybercriminals pose as the FBI to demand victims pay their "fine" by credit card. According to the April 28 report, the malware — known as "Black Rose Lucy" — is unusual, since there are no ransom payments involving cryptocurrencies like Bitcoins (BTC) and it affects users of mobile devices with Android as an operating system. Check Point had already tracked the beginnings of the malware since September 2018, originating in Russia as a "Malware-as-a-Service" (MaaS) botnet. However, it took the form of ransomware to make various changes …
A ransomware gang has published personal and financial data from the Californian City of Torrance online — and threatened to reveal 200GB more unless their demands are met. Calling themselves DoppelPaymer, the ransomware gang has demanded 100 Bitcoin (BTC) — worth around $700,000 — in exchange for not releasing any more files stolen in the March 1 cyberattack. The cyberattack erased the City's local backups and encrypted approximately 150 servers and 500 workstations. The release of the data is embarrassing for City officials who claimed that no private data from its 145,000 residents had been compromised in the attack. To …
An April 21 report by malware lab Emsisoft showed that there was a significant drop in the number of successful ransomware attacks on the US public sector during Q1 2020. The findings show a total of 89 organizations were victims of ransomware in the first quarter of the year. And as the COVID-19 crisis deepened, successful attacks fell even lower, to levels "not seen in several years." Government entities were attacked less frequently, with those numbers going down from 19 in January to just seven in March. The same was mostly true for education: ten successful attacks in January, 14 …
A cybersecurity expert explained why he is convinced that the promises made by ransomware groups amid the pandemic are irrelevant. Brett Callow — threat analyst at cybersecurity firm Emsisoft — told Cointelegraph that multiple ransomware groups recently made promises to halt their activity against medical organizations amid the coronavirus pandemic. Still, he believes that those promises are irrelevant: “The claims of a ceasefire made by ransomware groups are irrelevant [and] should be completely disregarded. Would you leave your front door unlocked simply because the local burglars had pinky-promised not to rob you? Probably not. The story of the frog and …
The number of ransomware attacks globally has dropped significantly since the coronavirus crisis intensified in March, according to a new report from Chainalysis. The blockchain analytics firm said the drop was particularly significant given there were growing concerns over the impact of ransomware attacks against hospitals and other healthcare organizations during the crisis. Hospitals are a favoured target for ransomware gangs. Security software provider Emsisoft reported that over the course of 2019, at least 764 healthcare providers in the U.S. had been attacked. In mid-March Emsisoft publicly implored ransomware gangs to stop targeting hospitals due to the potential fatal impacts …
A kind of ransomware — a malware that encrypts user data and asks for a ransom to restore access to it — switched from Bitcoin (BTC) to Monero (XMR) to better protect the hackers’ identities. According to an April 11 report by cybersecurity news outlet BleepingComputer, using Monero will make it harder for law enforcement to track ransom payments to the hackers behind Sodinokibi. As the article mentions, Europol strategy analyst Jerek Jakubcek explained during a February webinar how anoncoins influence legal investigations: “Since the suspect used a combination of TOR and privacy coins, we could not trace the funds. …
London-based company, Travelex, reportedly paid hackers almost $2.3 million in Bitcoin (BTC) after suffering a ransomware attack on January 11. According to sources quoted by The Wall Street Journal on April 9, the UK firm’s networks were infiltrated by cybercriminals with a ransomware injection in the new year eve of 2020. The company is known for its chain of foreign-exchange kiosks located in airports and tourist sites around the world. Travelex confirmed the attack to the press shortly after it happened. They did not, however, disclose that they paid a ransom of around 285 BTC, after having their systems offline …
Global computing conglomerate Microsoft is notifying hospitals that are vulnerable to ransomware attacks to help prevent healthcare institutions from becoming overwhelmed amid the COVID-19 pandemic. The firm also published recommendations to hospitals for securing their systems and preventing ransomware attacks on April 1. Through the company’s network of threat intelligence analysts, Microsoft states that it “identified several dozens of hospitals” with vulnerable virtual private networks and other public-facing gateway applications in their systems: “During this time of crisis, as organizations have moved to a remote workforce, ransomware operators have found a practical target: network devices like gateway and virtual private …
A crack team of cybersecurity experts in 65 countries has come together to combat ransomware attacks on hospitals during the coronavirus crisis. Calling themselves the COVID-19 CTI League the community of experts aims to protect the technological infrastructure of front-line medical resources from cyberattacks. Hospitals around the world have seen a big increase in cyberattacks over the past year, in which critical IT systems are encrypted with malware. Gangs demand a Bitcoin ransom in return for the decryption key. Hospitals are often seen as soft targets, due to ageing IT infrastructure and a willingness to pay due to the critical …