This week’s biggest news is the USA sanctioning a crypto exchange used by ransomware gangs to convert cryptocurrency into fiat currency. By targeting rogue exchanges, the US government is hoping to disrupt ransomware’s payment system.
The other interesting news this week is a list of vulnerabilities commonly used by ransomware gangs and a report on how the REvil operators use their operator key to hijack negotiations from affiliates.
Attacks we learned about this week include ones against United Health Centers, NEW Cooperative, Crystal Valley cooperative, GSS, and Greensville County Public Schools.
Contributors and those who provided new ransomware information and stories this week include: @Seifreed, @struppigel, @LawrenceAbrams, @jorntvdw, @malwareforme, @fwosar, @FourOctets, @BleepinComputer, @PolarToffee, @Ionut_Ilascu, @VK_Intel, @demonslay335, @malwrhunterteam, @serghei, @DanielGallagher, @ddd1ms, @ido_cohen2, @uuallan, @pancak3lullz, @Intel471Inc, @McAfee_Business, @fbgwls245, @pcrisk, @y_advintel, @AdvIntel, @tosscoinwitcher, and @PogoWasRight.
Security researchers are compiling an easy-to-follow list of vulnerabilities ransomware gangs and their affiliates are using as initial access to breach victims’ networks.
dnwls0719 found a new ransomware that appends the .kcry extension to encrypted files.
dnwls0719 found a new Redeemer ransomware that appends the .redeem extension to encrypted files.
U.S. farmers cooperative NEW Cooperative has suffered a BlackMatter ransomware attack demanding $5.9 million to provide a decryptor and not leak stolen data.
PCrisk found a new STOP ransomware variant that appends the .koom extension.
The US Treasury Department announced the first-ever sanctions against a cryptocurrency exchange, the Russian-linked Suex, for facilitating ransom transactions for ransomware gangs and helping them evade sanctions.
Minnesota farming supply cooperative Crystal Valley has suffered a ransomware attack, making it the second farming cooperative attacked this weekend.
CISA, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) warned today of an increased number of Conti ransomware attacks targeting US organizations.
The main goal of BlackMatter is to encrypt files on the infected computer and demand a ransom for decrypting them. As with previous ransomware, the operators steal files and private information from compromised servers and request an additional ransom not to publish them on the internet.
The manufacturing sector is highly dependent on a secure supply chain. Companies powering this sector are acutely aware of how a cyber attack on any part of a supply chain can bring their business to a screeching halt.
dnwls0719 found a new Quantum ransomware that appends the .quantum extension to encrypted files.
Cybercriminals are slowly realizing that the REvil ransomware operators may have been hijacking ransom negotiations to cut affiliates out of payments.
PCRisk found a new ransomware variant appending the .yandex extension and dropping a ransom note named READ_ME_NOW.txt.
California-based United Health Centers suffered a ransomware attack that reportedly disrupted all of their locations and resulted in patient data theft.
GSS, the Spanish and Latin America division of Covisian, one of Europe’s largest customer care and call center providers, has suffered a debilitating ransomware attack that froze a large part of its IT systems and crippled call centers across its Spanish-speaking customer base.
Grief threat actors have added another K-12 district to their list of victims who have refused to pay their ransom demands.