Thursday, December 1, 2022
The Week in Ransomware – July 22nd 2022


New ransomware operations continued to be launched this week, with the new Luna ransomware found to be targeting both Windows and VMware ESXi servers.

We also learned how the Conti ransomware gang breached the Costa Rican government’s systems and that the FBI recovered $500,000 in ransoms paid by health care organizations to the Maui ransomware operation.

The big attack that went public this week was against digital security firm Entrust, which disclosed that it suffered a security incident on June 18th that led to data being stolen.

Other attacks we learned about this week include building materials giant Knauf, an attack on the town of St. Marys, and an attack on the town of Frederick, Colorado.

Contributors and those who provided new ransomware information and stories this week include: @serghei, @VK_Intel, @jorntvdw, @DanielGallagher, @struppigel, @PolarToffee, @FourOctets, @Seifreed, @malwrhunterteam, @Ionut_Ilascu, @LawrenceAbrams, @demonslay335, @billtoulas, @BleepinComputer, @fwosar, @malwareforme, @AdvIntel, @AuCyble, @kaspersky, @pcrisk, @corintxt, @Amigo_A_, and @jgreigj.

July 17th 2022

New STOP247 ransomware

Amigo-A found the new STOP247 ransomware that appends the .cease extension and drops a ransom note named RECOVERY_INFORMATION.TXT.

July 18th 2022

Colorado police investigating ransomware attack on small town

The police department of Frederick, Colorado said it is investigating claims that the town government was hit with a ransomware attack.

New Dharma Ransomware variant

PCrisk found a new Dharma ransomware variant that appends the .xrom extension and drops a ransom note named FILES ENCRYPTED.txt.

New STOP ransomware variants

PCrisk found new STOP ransomware variants that append the .ggyu, .ggeo, .ggew, and .ggwq extensions.

New CHAOS-based BlueKey ransomware

PCrisk found a new CHAOS ransomware variant that appends the .blueKey extension and drops a ransom note named DECRYPTION_INSTRUCTIONS.txt.

July 19th 2022

Building materials giant Knauf hit by Black Basta ransomware gang

The Knauf Group has announced it has been the target of a cyberattack that has disrupted its business operations, forcing its global IT team to shut down all IT systems to isolate the incident.

New Dharma ransomware variant

PCrisk found a new Dharma variant that appends the .NMO extension.

New Matrix ransomware variant

PCrisk found a new Matrix ransomware variant that appends the .KOK08 extension and drops a ransom note named !README_KOK08!.rtf.

July 20th 2022

New Luna ransomware encrypts Windows, Linux, and ESXi systems

A new ransomware family dubbed Luna can be used to encrypt devices running several operating systems, including Windows, Linux, and ESXi systems.

FBI recovers $500,000 healthcare orgs paid to Maui ransomware

The U.S. Department of Justice has announced the seizure of approximately $500,000 in Bitcoin, paid by American health care providers to the operators of the Maui ransomware strain.

July 21st 2022

New Redeemer ransomware version promoted on hacker forums

A threat actor is promoting a new version of their free-to-use ‘Redeemer’ ransomware builder on hacker forums, offering unskilled threat actors an easy entry to the world of encryption-backed extortion attacks.

How Conti ransomware hacked and encrypted the Costa Rican government

Details have emerged on how the Conti ransomware gang breached the Costa Rican government, showing the attack’s precision and the speed of moving from initial access to the final stage of encrypting devices.

New STOP ransomware variants

PCrisk discovered STOP ransomware variants that append the .ooxa and .oori extensions.

July 22nd 2022

Digital security giant Entrust breached by ransomware gang

Digital security giant Entrust has confirmed that it suffered a cyberattack where threat actors breached its network and stole data from internal systems.

A small Canadian town is being extorted by a global ransomware gang

The Canadian town of St. Marys, Ontario, has been hit by a ransomware attack that has locked staff out of internal systems and encrypted data.

New Kriptor ransomware

PCrisk found the new Kriptor ransomware that appends the .Kriptor extension and drops a ransom note named read_it.txt.

That’s it for this week! Hope everyone has a nice weekend!
