Category: RansomWare

A joint international law enforcement operation led to the arrest of two ransomware operators in Ukraine who have extorted victims with ransom demands ranging between €5 to €70 million. The operation was conducted in coordination with the FBI, the French police (Gendarmerie Nationale), and the Ukrainian National Police. The police officials performed seven property searches, […]

NEW Cooperative, Iowa based farmer’s feed and grain cooperative was hit by BlackMatter ransomware gang who is demanding a $5.9 million ransom. The gang claims to have stolen 1,000 GB of data and are threatening to double the ransom if it is not paid in five days. The stolen data includes the source code for […]

Researchers from Bitdefender released a free master decryptor for the REvil ransomware operation which could be used by past victims to recover their files for free. The REvil gang hit the Kaseya cloud-based MSP platform on July 2nd which impacted MSPs and their customers. The gang initially compromised the Kaseya VSA’s infrastructure, then pushed out […]

A new ransomware gang called LockFile encrypts Windows domains after exploiting the Microsoft Exchange servers using the recently disclosed ProxyShell vulnerabilities. ProxyShell is the name of an attack consisting of three chained Microsoft Exchange vulnerabilities that leads to unauthenticated, remote code execution. The three vulnerabilities were discovered by Devcore Principal Security Researcher Orange Tsai, who […]

A new analysis of the budding ransomware strain called Diavol shows a clearer connection with the infamous TrickBot gang and the evolution of the malware. Cybersecurity researchers from IBM X-Force have disclosed details which shows that the ransomware sample shares similarities to other malware that has been attributed to the cybercrime gang. In early July, […]

Global IT consultancy giant Accenture was hit by a ransomware attack carried out by LockBit 2.0 ransomware operators according to an announcement made by the gang on their leak site. The message posted on the data leak website reads as “These people are beyond privacy and security. I really hope that their services are better […]

A disgruntled Conti affiliate has leaked the gang’s training material when conducting attacks, which also includes information about one of the ransomware’s operators. The Conti Ransomware operation does ransomware-as-a-service (RaaS), where the core team manages the malware and Tor sites, while recruited affiliates perform network breaches and encrypt devices. In this arrangement, the core team […]

GIGABYTE, the Taiwanese manufacturer and distributor of computer hardware was a victim of the RansomEXX ransomware gang where 112GB of data were claimed to be stolen. The leak site of the RansomEXX gang does not include the company name as of now, but it was found that the attack was conducted by this ransomware gang. […]

ERG SPA, an Italian energy company was hit by a recent ransomware attack conducted by LockBit 2.0 gang and had minor impact on its operations. Due to the attack the company reported only a few minor disruptions for its ICT infrastructure. The company is active in the production of wind energy, solar energy, hydroelectric energy […]

Encryption algorithms found in a decryptor indicate that the notorious DarkSide ransomware gang has been rebranded as a new BlackMatter ransomware operation and is actively performing attacks on corporate entities. The DarkSide ransomware group faced increased scrutiny by international law enforcement and the US government for their role in attacks against Colonial Pipeline, the largest […]