The Week in Ransomware – October thirteenth 2023

Posted on By Editor No Comments on The Week in Ransomware – October thirteenth 2023
Technology

[ad_1]

Sign with ransomware ahead written on it

Ransomware gangs proceed to pummel the enterprise, with assaults inflicting disruption in enterprise operations and leading to knowledge breaches if a ransom shouldn’t be paid.

This week, we realized of three assaults impacting well-known corporations, with BianLian claiming the attack on Air Canada and ALPHV claiming an attack on state courts throughout Northwest Florida (a part of the First Judicial Circuit) final week.

A cyberattack on Simpson Manufacturing induced the corporate to close down IT methods, but it surely has not been confirmed as a ransomware assault.

In different information, a risk actor launched the supply code for the first version of Hello Kitty ransomware, claiming to be growing a brand new one that may rival LockBit.

Lastly, researchers and authorities companies launched some attention-grabbing information this week:

  • A brand new Q3 2023 Ransomware Trends Summary reveals that ransomware continues to blow up, with Q3 being probably the most profitable quarter ever recorded.
  • The FBI shared technical particulars, protection ideas, and IOCs for the AvosLocker ransomware, which has not been energetic recently.
  • Ransomware assaults have now began to focus on unpatched WS_FTP servers. Nonetheless, these assaults are extra encryption-focused slightly than for knowledge theft.

Contributors and those that offered new ransomware data and tales this week embrace: @fwosar, @demonslay335, @billtoulas, @Ionut_Ilascu, @serghei, @BleepinComputer, @malwrhunterteam, @Seifreed, @LawrenceAbrams, @SophosXOps, @3xp0rtblog, @AlvieriD, @pcrisk, @cyber_int, and @LikelyMalware.

October eighth 2023

New STOP ransomware variants

PCrisk discovered new STOP ransomware variants that append the .mlwq and .mlrd extensions to encrypted recordsdata.

October ninth 2023

ALPHV ransomware gang claims attack on Florida circuit court

The ALPHV (BlackCat) ransomware gang has claimed an assault that affected state courts throughout Northwest Florida (a part of the First Judicial Circuit) final week.

HelloKitty ransomware source code leaked on hacking forum

A risk actor has leaked the whole supply code for the primary model of the HelloKitty ransomware on a Russian-speaking hacking discussion board, claiming to be growing a brand new, extra highly effective encryptor.

New STOP ransomware variants

PCrisk discovered new STOP ransomware variants that append the .mlza and .mlap extensions to encrypted recordsdata.

New Hazard ransomware variant

PCrisk discovered a Hazard ransomware variant that appends the .hazard18 (the digit could also be totally different per sufferer) and drops a ransom word named HOW_TO_BACK_FILES.html.

New MedusaLocker ransomware variant

PCrisk discovered a MedusaLocker ransomware variant that appends the .locknet and drops a ransom word named HOW_TO_BACK_FILES.html.

October tenth 2023

Air Europa data breach: Customers warned to cancel credit cards

Spanish airline Air Europa, the nation’s third-largest airline and a member of the SkyTeam alliance, warned clients on Monday to cancel their bank cards after attackers accessed their card data in a latest knowledge breach.

October eleventh 2023

BianLian extortion group claims recent Air Canada breach

The BianLian extortion group claims to have stolen 210GB of knowledge after breaching the community of Air Canada, the nation’s largest airline and a founding member of Star Alliance.

Simpson Manufacturing shuts down IT systems after cyberattack

Simpson Manufacturing disclosed through a SEC 8-Okay submitting a cybersecurity incident that has induced disruptions in its operations, that are anticipated to proceed.

Distribution of Magniber Ransomware Stops (Since August 25th)

By a steady monitoring course of, AhnLab Safety Emergency response Middle (ASEC) is swiftly responding to Magniber, the primary malware that’s actively being distributed utilizing the typosquatting methodology which abuses typos in area addresses. After the blocking guidelines of the injection approach utilized by Magniber have been distributed, ASEC printed a submit in regards to the related data on August tenth.

Ransomware Trends 2023, Q3 Report

Q3 might be remembered as a brand new document for the ransomware business because it was probably the most profitable quarter ever recorded.

October twelfth 2023

FBI shares AvosLocker ransomware technical details, defense tips

The U.S. authorities has up to date the record of instruments AvosLocker ransomware associates use in assaults to incorporate open-source utilities together with customized PowerShell, and batch scripts.

Ransomware attacks now target unpatched WS_FTP servers

Web-exposed WS_FTP servers unpatched in opposition to a most severity vulnerability are actually focused in ransomware assaults.

That is it for this week! Hope everybody has a pleasant weekend!



[ad_2]

Source_link

You may also like

Technology
Hyundai knowledge breach exposes proprietor particulars in France and Italy
April 12, 2023
Technology
Magic’s newest set has turned me right into a monster (and I prefer it)
February 11, 2023
Technology
Useless Island 2’s launch date moved to April twenty first
February 13, 2023
Technology
New darkish internet market STYX focuses on monetary fraud companies
April 5, 2023

Leave a Reply

Your email address will not be published. Required fields are marked *