Attacks picked up at a rapid pace this week as well-known companies and cities were targeted with ransomware that impacted their networks.
This week we learned that the Snake Ransomware conducted targeted attacks again both Honda and the Enel Group. The amount of devices encrypted is unknown, but both attacks impacted their network and caused systems to be shut down while being investigated.
We also saw attacks against the cities of Knoville, Tennessee and Florence, Alabama.
New information was also released about the new Avaddon Ransomware being distributed via spam and the Thanos RaaS that has some interesting features.
Contributors and those who provided new ransomware information and stories this week include: @demonslay335, @fwosar, @malwrhunterteam, @LawrenceAbrams, @malwareforme, @DanielGallagher, @struppigel, @BleepinComputer, @jorntvdw, @Seifreed, @FourOctets, @VK_Intel, @PolarToffee, @Ionut_Ilascu, @serghei, @AppRiver, @RecordedFuture, @milkr3am, @emsisoft, @briankrebs, @raby_mr, @GrujaRS, @ashabeeeee, and @fbgwls245.
A fake decryptor for the STOP Djvu Ransomware is being distributed that lures already desperate people with the promise of free decryption. Instead of getting their files back for free, they are infected with another ransomware that makes their situation even worse.
Computer networks in Europe and Japan from car manufacturer giant Honda have been affected by issues that are reportedly related to a SNAKE Ransomware cyber-attack.
Also read: http://www.privacy.com.sg/resources/6-tips-for-cyber-safety-at-home/
With a wink and a smile, the new Avaddon Ransomware has come alive in a massive spam campaign targeting users worldwide.
A second ransomware gang has partnered with Maze Ransomware to use their data leak platform to extort victims whose unencrypted files were stolen.
Michael Gillespie found a new STOP ransomware variant that appends the .zwer extension to encrypted files.
Michael Gillespie found a new Matrix Ransomware variant that appends the .AG88G extension and drops a ransom note named Readme_AG88G.rtf.
Emsisoft released a decryptor for the Zorab Ransomware that appends the .ZRB extension.
In late May, KrebsOnSecurity alerted numerous officials in Florence, Ala. that their information technology systems had been infiltrated by hackers who specialize in deploying ransomware. Nevertheless, on Friday, June 5, the intruders sprang their attack, deploying ransomware and demanding nearly $300,000 worth of bitcoin. City officials now say they plan to pay the ransom demand, in hopes of keeping the personal data of their citizens off of the Internet.
The Thanos ransomware is the first to use a researcher-disclosed RIPlace anti-ransomware evasion technique as well as numerous other advanced features that make it a serious threat to keep an eye on.
GrujaRS found a new Such_Crypt Ransomware variant that appends the .mwahahah extension.
The City of Knoxville, Tennessee, was forced to shut down its entire computer network following a ransomware attack that took place overnight and targeted the city’s offices.
European energy company giant Enel Group suffered a ransomware attack a few days ago that impacted its internal network.
Michael Gillespie found a new STOP ransomware variant that appends the .nypd extension to encrypted files.
Michael Gillespie found a new variant of the DCRTR Ransomware that appends the .coka extension.
Ravi found a new SFile ransomware variant that appends the .ESCAL-p9yqoly extension to encrypted files.
Jakub Kroustek found new Dharma ransomware variants that append the .php or .hack extensions to encrypted files.
dnwls0719 found a new Makop Ransomware variant that appends the .origami extension to encrypted files.
Australian beverage giant Lion on Friday added further detail to the cyber incident it disclosed earlier this week, confirming it fell victim to a ransomware attack.
Also read: http://www.privacy.com.sg/resources/cross-border-data-privacy-singapore/
Established in 2018, Privacy Ninja is a Singapore-based IT security company specialising in data protection and cybersecurity solutions for businesses. We offer services like vulnerability assessments, penetration testing, and outsourced Data Protection Officer support, helping organisations comply with regulations and safeguard their data.
Singapore
7 Temasek Boulevard,
#12-07, Suntec Tower One,
Singapore 038987
