New ransomware operations continue to be launched this week, with the new Luna ransomware found to be targeting both Windows and VMware ESXi servers.
We also learned how the Conti ransomware gang breached the Costa Rican government’s systems and that the FBI recovered $500,000 in ransoms paid by health care providers to the Maui ransomware operation.
The big attack that went public this week was against digital security firm Entrust, which disclosed that it suffered a security incident on June 18th that led to data being stolen.
Contributors and those who provided new ransomware information and stories this week include: @serghei, @VK_Intel, @jorntvdw, @DanielGallagher, @struppigel, @PolarToffee, @FourOctets, @Seifreed, @malwrhunterteam, @Ionut_Ilascu, @LawrenceAbrams, @demonslay335, @billtoulas, @BleepinComputer, @fwosar, @malwareforme, @AdvIntel, @AuCyble, @kaspersky, @pcrisk, @corintxt, @Amigo_A_, and @jgreigj.
July 17th 2022
Amigo-A found the new STOP247 ransomware that appends the .stop extension and drops a ransom note named RECOVERY_INFORMATION.TXT.
July 18th 2022
The police department of Frederick, Colorado said it is investigating claims that the town government was hit with a ransomware attack.
PCrisk found a new Dharma ransomware variant that appends the .xrom extension and drops a ransom note named FILES ENCRYPTED.txt.
PCrisk found new STOP ransomware variants that append the .ggyu, .ggeo, .ggew, and .ggwq extensions.
PCrisk found a new CHAOS ransomware variant that appends the .blueKey extension and drops a ransom note named DECRYPTION_INSTRUCTIONS.txt.
July 19th 2022
The Knauf Group has announced it has been the target of a cyberattack that has disrupted its business operations, forcing its global IT team to shut down all IT systems to isolate the incident.
PCrisk found a new Dharma variant that appends the .NMO extension.
PCrisk found a new Matrix ransomware variant that appends the .KOK08 extension and drops a ransom note named !README_KOK08!.rtf.
July 20th 2022
A new ransomware family dubbed Luna can be used to encrypt devices running several operating systems, including Windows, Linux, and ESXi systems.
The U.S. Department of Justice has announced the seizure of approximately $500,000 in Bitcoin, paid by American health care providers to the operators of the Maui ransomware strain.
July 21st 2022
A threat actor is promoting a new version of their free-to-use ‘Redeemer’ ransomware builder on hacker forums, offering unskilled threat actors an easy entry to the world of encryption-backed extortion attacks.
Details have emerged on how the Conti ransomware gang breached the Costa Rican government, showing the attack’s precision and the speed of moving from initial access to the final stage of encrypting devices.
PCrisk found STOP ransomware variants that append the .ooxa and .oori extensions.
July 22nd 2022
Digital security giant Entrust has confirmed that it suffered a cyberattack where threat actors breached its network and stole data from internal systems.
The Canadian town of St. Marys, Ontario, has been hit by a ransomware attack that has locked staff out of internal systems and encrypted data.
PCrisk found the new Kriptor ransomware that appends the .Kriptor extension and drops a ransom note named read_it.txt.
That's it for this week! Hope everyone has a nice weekend!