The Week in Ransomware – April 30th 2021 – Attacks Escalate


Ransomware gangs continue to target organizations large and small, including a brazen attack on the Washington DC police department.

This week, we learned of attacks affecting the Metropolitan Police Department, Merseyrail UK rail operator, the Whistler Resort Municipality, and an attack on Brazil’s court systems in Rio Grande do Sul.

We also reported that the Qlocker ransomware targeting QNAP devices had made $260,000 by Sunday, which is likely much higher now.

Finally, after threatening to release data for the Metropolitan Police Department, Babuk Locker has suddenly decided to no longer encrypt systems and focus entirely on the ransoming of stolen data.

Contributors and those who provided new ransomware information and stories this week include: @fwosar, @PolarToffee, @Seifreed, @struppigel, @jorntvdw, @BleepinComputer, @Ionut_Ilascu, @LawrenceAbrams, @malwareforme, @demonslay335, @serghei, @malwrhunterteam, @FourOctets, @DanielGallagher, @VK_Intel, @ValeryMarchive, @emsisoft, @fbgwls245, @Amigo_A_, @chum1ng0, @pcrisk, @GrujaRS, @BruteBee, @FireEye, @ddd1ms, @coveware, @campuscodi, and @JakubKroustek.

April 24th 2021

A ransomware gang made $260,000 in 5 days using the 7zip utility

A ransomware gang has made $260,000 in just five days simply by remotely encrypting files on QNAP devices using the 7zip archive program.

New Dharma ransomware variant

Jakub Kroustek found a new Dharma ransomware variant that appends the .bdev extension to encrypted files.

April 25th 2021

New NoCry ransomware

GrujaRS found a variant of the Stupid Ransomware calling itself NoCry that appends the .Cry extension.

New Conti ransomware variant

GrujaRS found a new variant of the Conti Ransomware that appends the .GFYPK extension.


April 26th 2021

DC Police confirms cyberattack after ransomware gang leaks data

The Metropolitan Police Department has confirmed that they suffered a cyberattack after the Babuk ransomware gang leaked screenshots of stolen data.

Ransomware gang now warns they will leak new Apple logos, iPad plans

The REvil ransomware gang has mysteriously removed Apple’s schematics from their data leak site after privately warning Quanta that they would leak drawings for the new iPad and new Apple logos.

Accellion data breaches drive up average ransom price

The data breaches caused by the Clop ransomware gang exploiting a zero-day vulnerability have led to a sharp increase in the average ransom payment calculated for the first three months of the year.

New Conti ransomware variant

dnwls0719 found a new Dharma ransomware variant that appends the .ALNBR extension to encrypted files.

Ransomware Attack Vectors Shift as New Software Vulnerability Exploits Abound

The Coveware Quarterly Ransomware Report describes ransomware incident response trends during Q1 of 2021. Data exfiltration extortion continues to be prevalent and we have reached an inflection point where the vast majority of ransomware attacks now include the theft of corporate data. Q1 saw a reversal of average and median ransom amounts. The averages in Q1 were pulled up by a raft of data exfiltration attacks by one specific threat actor group that opportunistically leveraged a unique vulnerability (more on this below).

New Phobos Ransomware variant

PCrisk found a new Phobos ransomware variant that appends the .lookfornewitguy extension.

April 27th 2021

Ransomware: REvil racks up victims… who do not pay

Yes, the REvil group, which operates the Sodinokibi ransomware, is very active these days. And it seems determined to string together high-profile attacks. But its activities appear to be meeting with less and less success. And increasingly, what it displays as a trophy wall looks like a sad gallery of its failures.

The cost of ransomware in 2021: A country-by-country analysis

The statistics below show the devastating economic toll ransomware has taken in a number of key markets. The data includes ransom demands, the cost of downtime, and the overall global cost of ransomware, as well as separate statistics focused on the public and private sectors.

Ransomware gang targets Microsoft SharePoint servers for the first time

Microsoft SharePoint servers have now joined the list of network devices being abused as an entry vector into corporate networks by ransomware gangs.

April 28th 2021

UK rail network Merseyrail likely hit by Lockbit ransomware

UK rail network Merseyrail has confirmed a cyberattack after a ransomware gang used their email system to email employees and journalists about the attack.

New Dharma ransomware variant

dnwls0719 found a new Dharma ransomware variant that appends the .cum extension to encrypted files.

April 29th 2021

Security expert coalition shares actions to disrupt ransomware

The Ransomware Task Force, a public-party coalition of more than 50 experts, has shared a framework of actions to disrupt the ransomware business model.

Whistler resort municipality hit by new ransomware operation

The Whistler municipality in British Columbia, Canada, has suffered a cyberattack at the hands of a new ransomware operation.

Brazil’s Rio Grande do Sul court system hit by REvil ransomware

Brazil’s Tribunal de Justiça do Estado do Rio Grande do Sul was hit with an REvil ransomware attack yesterday that encrypted employees’ files and forced the courts to shut down their network.

New ransomware group uses SonicWall zero-day to breach networks

A financially motivated threat actor exploited a zero-day bug in SonicWall SMA 100 Series VPN appliances to deploy new ransomware known as FiveHands on the networks of North American and European targets.

QNAP warns of AgeLocker ransomware attacks on NAS devices

QNAP customers are once again urged to secure their Network Attached Storage (NAS) devices to defend against Agelocker ransomware attacks targeting their data.

Babuk ransomware readies ‘shut down’ post, plans to open source malware

After just a few months of activity, the operators of Babuk ransomware briefly posted a short message about their intention to quit the extortion business after having achieved their goal.

New CryBaby ransomware

MalwareHunterTeam found a new ‘CryBaby’ ransomware.


April 30th 2021

Babuk quits ransomware encryption, focuses on data-theft extortion

A new message today from the operators of Babuk ransomware clarifies that the gang has decided to close the affiliate program and move to an extortion model that does not rely on encrypting victim computers.

That’s it for this week! Hope everyone has a nice weekend!
