The Week in Ransomware – November 5th 2021 – Placing Bounties

Law enforcement continues to keep up the pressure on ransomware operations with infrastructure hacks and million-dollar rewards, leading to the shutdown of criminal operations.

Due to this increased pressure by law enforcement, the BlackMatter (DarkSide) ransomware gang announced to affiliates this week that they were shutting down after members went missing.

BleepingComputer later discovered that BlackMatter began moving existing victims to LockBit ransomware’s infrastructure to continue extortion demands.

To keep pressure on the DarkSide gang and warn that rebranding to a new operation won’t stop law enforcement, the US Department of State announced a $10 million reward for identifying or locating key leaders in the organization. In addition, the US government is offering $5 million for the arrest of any individuals participating in future attacks using DarkSide variants.

The FBI also issued advisories this week warning that HelloKitty has added DDoS attacks to their arsenal, that ransomware gangs commonly conduct attacks “during time-sensitive financial events,” and that gangs are targeting tribal-owned businesses, including casinos.

Ransomware attacks we saw this week were against the UK Labour Party and the Newfoundland and Labrador health systems.

Contributors and those who provided new ransomware information and stories this week include: @serghei, @malwareforme, @LawrenceAbrams, @BleepinComputer, @fwosar, @DanielGallagher, @Ionut_Ilascu, @struppigel, @jorntvdw, @VK_Intel, @billtoulas, @malwrhunterteam, @FourOctets, @demonslay335, @PolarToffee, @Seifreed, @CofenseLabs, @TalosSecurity, @vxunderground, @pancak3lullz, @Fortinet, @GelosSnake, @nakashimae, @DDaltonBennett, @fbgwls245, @pcrisk, and @Amigo_A_.

October 30th 2021

Chaos ransomware targets gamers via fake Minecraft alt lists

The Chaos Ransomware gang encrypts gamers’ Windows devices through fake Minecraft alt lists promoted on gaming forums.

November 1st 2021

FBI: HelloKitty ransomware adds DDoS attacks to extortion tactics

The U.S. Federal Bureau of Investigation (FBI) has sent out a flash alert warning private industry partners that the HelloKitty ransomware gang (aka FiveHands) has added distributed denial-of-service (DDoS) attacks to their arsenal of extortion tactics.

BlackShadow hackers breach Israeli hosting firm and extort customers

The BlackShadow hacking group attacked the Israeli hosting provider Cyberserve to steal client databases and disrupt the company’s services.

Canadian province health care system disrupted by cyberattack

The Canadian province of Newfoundland and Labrador has suffered a cyberattack that has led to severe disruption to healthcare providers and hospitals.

November 2nd 2021

New Dharma ransomware variant

dnwls0719 found a new Dharma ransomware variant that appends the .MS extension to encrypted files.

New STOP ransomware variant

PCrisk found new STOP ransomware variants that append the .cool and .palq extensions to encrypted files.

FBI: Ransomware targets companies during mergers and acquisitions

The Federal Bureau of Investigation (FBI) warns that ransomware gangs are targeting companies involved in “time-sensitive financial events” such as corporate mergers and acquisitions to make it easier to extort their victims.

November 3rd 2021

BlackMatter ransomware claims to be shutting down due to police pressure

The BlackMatter ransomware is allegedly shutting down its operation due to pressure from the authorities and recent law enforcement operations.

UK Labour Party discloses data breach after ransomware attack

The U.K. Labour Party notified members that some of their information was impacted in a data breach after a ransomware attack hit a supplier managing the party’s data.

BlackMatter ransomware moves victims to LockBit after shutdown

With the BlackMatter ransomware operation shutting down, existing affiliates are moving their victims to the competing LockBit ransomware site for continued extortion.

A ransomware gang shut down after Cybercom hijacked its site and it discovered it had been hacked

A major overseas ransomware group shut down last month after a pair of operations by U.S. Cyber Command and a foreign government targeting the criminals’ servers left its leaders too frightened of identification and arrest to stay in business, according to several U.S. officials familiar with the matter.

New Polaris ransomware targeting Linux

Amigo-A found a new Polaris ransomware that is targeting Linux and dropping ransom notes named WARNING.txt.

November 4th 2021

Microsoft Exchange ProxyShell exploits used to deploy Babuk ransomware

A new threat actor is hacking Microsoft Exchange servers and breaching corporate networks using the ProxyShell vulnerability to deploy the Babuk Ransomware.

Phishing emails deliver spooky zombie-themed MirCop ransomware

A new phishing campaign pretending to be supply lists infects users with the MirCop ransomware that encrypts a target system in under fifteen minutes.

US targets DarkSide ransomware, rebrands with $10 million reward

The US government is targeting the DarkSide ransomware and its rebrands with up to a $10,000,000 reward for information leading to the identification or arrest of members of the operation.

Lockean multi-ransomware affiliates linked to attacks on French orgs

Details about the tools and tactics used by a ransomware affiliate group, now tracked as Lockean, have emerged today in a report from France’s Computer Emergency Response Team (CERT).

November 5th 2021

New Dharma ransomware variant

PCrisk found a new Dharma ransomware variant that appends the .WORM extension to encrypted files.

New STOP ransomware variant

PCrisk found new STOP ransomware variants that append the .stax and .irkf extensions to encrypted files.

New Thanos ransomware variant

dnwls0719 found a new Thanos ransomware variant that appends the .stepik extension.

That’s it for this week! Hope everyone has a nice weekend!
