KEEP IN TOUCH
Subscribe to our mailing list to get free tips on Data Protection and Cybersecurity updates weekly!
Ransomware continues to target government entities and the enterprise, while victims quietly pay ransoms that power this cycle of attacks.
This week we learned that government software provider Tyler Technologies paid a ransom to obtain a decryptor for their attack.
We also learned about attacks against the Crytek and Ubisoft, City of Mt. Pleasant, the London borough of Hackney, International law firm Seyfarth Shaw, and an attack on Barnes & Noble that caused them to shut down the service powering Nook e-Readers.
While Hackney and Barnes & Noble have not disclosed that they suffered a ransomware attack, they highly likely have.
This week we also learned that the ThunderX ransomware was part of Ako Ransomware, who renamed their operation Ranzy Locker.
We also learned about attacks against the Crytek and Ubisoft, City of Mt. Pleasant, the London borough of Hackney, International law firm Seyfarth Shaw, and an attack on Barnes & Noble that caused them to shut down the service powering Nook e-Readers.
While Hackney and Barnes & Noble have not disclosed that they suffered a ransomware attack, they highly likely have.
This week we also learned that the ThunderX ransomware was part of Ako Ransomware, who renamed their operation Ranzy Locker.
It’s now the beginning of the weekend when ransomware operators come out to play. Monitor your networks for suspicious activity and make sure your admin credentials are secure because there will be a slew of new victims come Monday.
Contributors and those who provided new ransomware information and stories this week include: @fwosar, @demonslay335, @serghei, @Seifreed, @jorntvdw, @Ionut_Ilascu, @struppigel, @BleepinComputer, @LawrenceAbrams, @PolarToffee, @FourOctets, @malwrhunterteam, @malwareforme, @VK_Intel, @DanielGallagher, @ESET, @msftsecurity, @Mandiant, @BrettCallow, @IntelAdvanced, @RobbyCortes, @Bitdefender, @Kangxiaopao, @siri_urz, @Arkbird_SOLG, and @Amigo_A_.
Also Read: Intrusion Into Privacy All About Law And Legal Definition
Tyler Technologies has paid a ransom for a decryption key to recover files encrypted in a recent ransomware attack.
TrickBot, one of the most active botnets on the planet, recently has suffered some strong blows from actors in the cybersecurity industry aiming at disrupting its operations.
The TrickBot gang operators are increasingly targeting high-value targets with the new stealthy BazarLoader trojan before deploying the Ryuk ransomware.
Michael Gillespie found a new Matrix Ransomware variant that appends the .TG33 extension and drops the TG33_INFO.rtf ransom note.
Michael Gillespie found a new STOP Ransomware variant that appends the .foqe extension.
The City of Mt. Pleasant has fallen victim to a ransomware attack, that is according to city officials.
Siri found a new Nephilim ransomware variant that appends the .MERIN extension.
Arkbird found a new Loki Stealer variant that steals files and then encrypts your computer. When encrypting, it appends the .loki extension to encrypted files.
Also Read: How To Make Effective Purchase Order Template Singapore
International law firm Seyfarth Shaw announced on Monday that it was the victim of a ransomware attack over the weekend.
The city council systems for the London Borough of Hackney have been hit with a ‘serious’ cyberattack that impacts many of their services and IT systems.
xiaopao found the Badboymnb Ransomware that appends the .Badboy extension and drops a ransom note named ReadME-BadboyEncryption.txt.
FIN11, a financially-motivated hacker group with a history starting since at least 2016, has adapted malicious email campaigns to transition to ransomware as the main monetization method.
U.S. Bookstore giant Barnes & Noble has disclosed that they were victims of a cyberattack that may have exposed customers’ data.
xiaopao found a new Philadelphia Ransomware variant.
xiaopao found the Dharma ransomware variant that appends the .zxcv extension.
Siri found a new PewPew ransomware variant that appends the .artemis extension.
Amigo-A found a new variant of the Scarab Ransomware that appends the .Bioawards extension and drops ransom notes named Instruction.txt and DECRYPT FILES.TXT.
The Egregor ransomware gang has hit game developer Crytek in a confirmed ransomware attack and leaked what they claim are files stolen from Ubisoft’s network.
Michael Gillespie found a new STOP Ransomware variant that appends the .mmpa extension.
xiaopao found the Adhubllka Ransomware that appends the .see_read_me and drops a ransom note named Read_Me.txt.
Siri found a new ransomware that appends the .CRPTD extension.
ThunderX has changed its name to Ranzy Locker and launched a data leak site where they shame victims who do not pay the ransom.
Sports data provider Stats Perform has been down for almost a week thanks to a ransomware hack, Legal Sports Report understands.
We’re happy to announce the availability of a new decryptor for MaMoCrypt, a strain of ransomware that appeared in December last year.
Michael Gillespie found a new HiddenTear ransomware named MadDog that appends the .id-.[[email protected]].MadDog to encrypted files.
Established in 2018, Privacy Ninja is a Singapore-based IT security company specialising in data protection and cybersecurity solutions for businesses. We offer services like vulnerability assessments, penetration testing, and outsourced Data Protection Officer support, helping organisations comply with regulations and safeguard their data.
Singapore
7 Temasek Boulevard,
#12-07, Suntec Tower One,
Singapore 038987
Latest resources sent to your inbox weekly
© 2025 Privacy Ninja. All rights reserved
Subscribe to our mailing list to get free tips on Data Protection and Cybersecurity updates weekly!
Subscribe to our mailing list to get free tips on Data Protection and Cybersecurity updates weekly!