The Week in Ransomware – June thirtieth 2023

Cyber Security

The Week in Ransomware – June thirtieth 2023

lohitnath.453

July 2, 2023

The Week in Ransomware – June thirtieth 2023

[ad_1]

Man shown in facets of a glass square

A case of mistaken identification and additional MOVEit Switch information breaches proceed dominated the ransomware information cycle this week.

This week, the New York Metropolis Division of Schooling disclosed that the information of 45,000 college students was uncovered, and Siemens Power confirmed a breach too.

In different information, an affiliate group of the LockBit ransomware operation claimed to have focused Taiwan Semiconductor Manufacturing Firm (TSMC), one of many largest semiconductor producers on the planet.

Nevertheless, after threatening to leak information, credentials, and flaws of their community if a $70 million ransom demand was not paid, TSMC denied the hacking claims and mentioned the ransomware gang breached a third-party vendor.

A brand new report by VMware’s Carbon Black group sheds mild on the 8Base ransomware operation, illustrating how they use the Phobos ransomware in assaults.

Lastly, we had some dangerous and excellent news in regards to the Akira ransomware operation.

The dangerous information is that they’ve created a Linux encryptor to focus on VMware ESXi servers. The excellent news is that Avast revealed a decryptor permitting victims to get well recordsdata encrypted by the ransomware operation.

Contributors and those that supplied new ransomware data and tales this week embody: @BleepinComputer, @fwosar, @demonslay335, @billtoulas, @Seifreed, @LawrenceAbrams, @malwrhunterteam, @struppigel, @serghei, @rivitna2, @Avast, @AuCyble, @VMware, @pcrisk, @BushidoToken, and @BrettCallow.

June twenty sixth 2023

Hackers steal information of 45,000 New York Metropolis college students in MOVEit breach

The New York Metropolis Division of Schooling (NYC DOE) says hackers stole paperwork containing the delicate private data of as much as 45,000 college students from its MOVEit Switch server.

New STOP ransomware variants

PCrisk discovered new STOP ransomware variants that append the .thgz, .tgpo, and .tgvv extensions.

New Tuga ransomware

PCrisk discovered a brand new ransomware that appends the .TUGA extension and drops a ransom notice named README.txt.

June twenty seventh 2023

Siemens Power confirms information breach after MOVEit data-theft assault

Siemens Power has confirmed that information was stolen through the current Clop ransomware data-theft assaults utilizing a zero-day vulnerability within the MOVEit Switch platform.

New Anti-US ransomware

PCrisk discovered a brand new ransomware that appends the .anti-us extension and drops a ransom notice named read-it.

June twenty eighth 2023

Linux model of Akira ransomware targets VMware ESXi servers

The Akira ransomware operation makes use of a Linux encryptor to encrypt VMware ESXi digital machines in double-extortion assaults in opposition to corporations worldwide

8Base ransomware gang escalates double extortion assaults in June

A 8Base ransomware gang is focusing on organizations worldwide in double-extortion assaults, with a gradual stream of recent victims for the reason that starting of June.

New Havoc ransomware

PCrisk discovered a brand new ransomware that appends the .havoc extension and drops a ransom notice named resq_Recovery.txt.

June twenty ninth 2023

New Resq100 ransomware

PCrisk discovered a brand new ransomware that appends the .resq100 extension and drops a ransom notice named FILES ENCRYPTED.txt.

That is it for this week! Hope everybody has a pleasant weekend!

[ad_2]