Privacy Ninja

The Week in Ransomware – June 18th 2021 – Law Enforcement Strikes Back

Compared to the last few weeks, it has been a relatively quiet week with no ransomware attacks causing widespread disruption.

It was a good week for law enforcement, with Ukrainian police arresting members of the Clop ransomware gang and South Korean police arresting computer repairmen for installing ransomware.

We also saw some interesting research released on LockBit and the Hades ransomware, as well as an updated Avaddon Ransomware decryptor that can decrypt more victims’ files.

Finally, President Biden met with Russian President Putin to discuss the recent cyberattacks. Whether something changes from that meeting is too soon to tell.

Contributors and those who provided new ransomware information and stories this week include: @DanielGallagher, @malwareforme, @PolarToffee, @fwosar, @BleepinComputer, @LawrenceAbrams, @serghei, @VK_Intel, @struppigel, @demonslay335, @malwrhunterteam, @FourOctets, @Ionut_Ilascu, @jorntvdw, @Seifreed, @TrendMicroRSRCH, @IntelAdvanced, @y_advintel, @ZeroLogon, @campuscodi, @GrujaRS, @emsisoft, @LittleRedBean2, @PogoWasRight, @chum1ng0, @PRODAFT, @Secureworks, and @ValeryMarchive.

June 14th 2021

REvil ransomware hits US nuclear weapons contractor

US nuclear weapons contractor Sol Oriens has suffered a cyberattack allegedly at the hands of the REvil ransomware gang, which claims to be auctioning data stolen during the attack.

G7 leaders ask Russia to hunt down ransomware gangs within its borders

G7 (Group of 7) leaders have asked Russia to urgently disrupt ransomware gangs believed to be operating within its borders, following a stream of attacks targeting organizations from critical sectors worldwide.

Fujifilm resumes normal operations after ransomware attack

Japanese multinational conglomerate Fujifilm says that it has resumed normal business and customer operations following a ransomware attack that forced it to shut the entire network on June 4.

Theoretically untouchable, but still struck down with Avaddon

The reasons for Avaddon’s disappearance are not known at this point. Perhaps the international pressure had become too strong for the operators. Unless some errors have started to show a little too much.

June 15th 2021

Avaddon ransomware’s exit sheds light on victim landscape

A new report analyzes the recently released Avaddon ransomware decryption keys to shed light on the types of victims targeted by the threat actors and potential revenue they generated throughout their operation.

Paradise Ransomware source code released on a hacking forum

The complete source code for the Paradise Ransomware has been released on a hacking forum allowing any would-be cyber criminal to develop their own customized ransomware operation.

Updated Avaddon decryptor released

Emsisoft released an updated Avaddon decryptor to support more victims.

Hades Ransomware Operators Use Distinctive Tactics and Infrastructure

Hades ransomware has been on the scene since December 2020, but there has been limited public reporting on the threat group that operates it. Secureworks® incident response (IR) engagements in the first quarter of 2021 provided Secureworks Counter Threat Unit™ (CTU) researchers with unique insight into the group’s use of distinctive tactics, techniques, and procedures (TTPs).

June 16th 2021

Ukraine arrests Clop ransomware gang members, seizes servers

Ukrainian law enforcement arrested cybercriminals associated with the Clop ransomware gang and shut down infrastructure used in attacks targeting victims worldwide since at least 2019.

South Korean police arrest computer repairmen who made and distributed ransomware

South Korean authorities have filed charges today against nine employees of a local computer repair company for creating and installing ransomware on their customers’ computers.

MA: UMass Lowell closed due to cybersecurity incident

The University of Massachusetts Lowell (UMass Lowell) has suffered a cybersecurity breach that has caused school closures for the past two days. The incident was first announced on June 15 as an “IT outage:”

SCOOP: UnitingCare paid hundreds of thousands of dollars to REvil for decryption key and deletion of files

On April 25, UnitingCare Queensland (UCQ) was the victim of a ransomware attack that impacted multiple Queensland hospitals and aged care centres. The next day, they posted a notice on their web site informing people as to what was happening and its impact. And on May 5, they posted a second update where they revealed that it was REvil (Sodinokibi) threat actors who had attacked them. That update described steps they had taken since the incident to safely recover and restore services.

June 17th 2021

Carnival Cruise hit by data breach, warns of data misuse risk

In December 2020, Carnival was hit by a second (previously undisclosed) ransomware attack with “investigation and remediation phases” still ongoing, according to a 10-Q form filed with the SEC in April 2021.

June 18th 2021

Fake DarkSide gang targets energy, food industry in extortion emails

Threat actors impersonate the now-defunct DarkSide Ransomware operation in fake extortion emails sent to companies in the energy and food sectors.

LockBit RaaS In-Depth Analysis

The PRODAFT Threat Intelligence (PTI) Team has published this report to provide in-depth knowledge about the threat actors who operate LockBit ransomware. The PTI Team has managed to extract decryption tools for most of the victims who were affected by LockBit. All affiliates of the ransomware group, including the developer, were also identified during the PTI Team's investigation. This report answers questions such as: How do they select their targets? How many targets did they breach? How does the network operate? Who are the affiliates?

New STOP Ransomware variant

GrujaRS found a new STOP ransomware variant that appends the .iqll extension to encrypted files.

New STOP Ransomware variant

LittleRedBean found a new STOP ransomware variant that appends the .sspq extension to encrypted files.

That’s it for this week! Hope everyone has a nice weekend!
