A report from the Cyber ​​Security Agency of Singapore (CSA) has revealed that ransomware attacks surged in 2019 by accounting 35 cases, compared to figures recorded in 2018. It has been reported by a “Cyber ​​Landscape 2019” study published by the Singaporean government that the entity received 35 reports of ransomware incidents in 2019. This represents a surge compared to the 21 cases reported in 2018. However, most of the attacks targeted the travel, tourism, manufacturing

Maze and Doppelpaymer, the two ransomware gangs, have attacked LG, the electronics giant, and Mitsubishi, the Japanese multinational car manufacturer, as the hackers are now threatening both companies with data leaks. It has been reported that screenshots posted to the gang’s blog, which showed several files, as well as source code from the attack. However, LG has not addressed the incident officially, as a statement from the ransomware gang alleges that the hackers managed t

CryCryptor, a new ransomware, has targeted Canadian Android users, as it has distributed through multiple websites that pose as portals for a government-backed COVID-19 tracing app. On June 24, it has been reported by ESET that CryCryptor appeared shortly after Canada’s government announced a COVID-19 tracing app that utilizes voluntary information submitted by citizens. Once the victim installs the fake app, the ransomware encrypts all files, leaving a “readme” note with the

The REvil ransomware gang has auctioned sensitive data after a card services provider Interacard, who failed to cover their ransom. It has been reported that the information is available in an auction listing published by the group, as all prospective bidders are required to pay using Monero (XMR). However, REvil has previously only auctioned data in cases where their name-and-shame tactics fail to extract payment from a targeted company. But, that does not appear to be the c

Evil Corp, a malware group, has recently launched a new ransomware that asks its victims to pay a million-dollar ransom, as the group had previously gone quiet after the US Department of Justice charged some of its members in December 2019. On June 23, it has been reported by the cybersecurity firm Fox-IT that a division of NCC Group, Evil Corp has been active since 2007, the group is considered to be one of the biggest cybercrime teams on the Internet. However, they are know

NetWalker ransomware gang continued to launch ransomware attacks to the healthcare sector Crozer-Keystone Health System during the COVID-19 pandemic. It has been reported that the gang is now auctioning the system’s stolen data through its darknet website. If it is not purchased at auction within six days, the gang has vowed to leak the data. However, there appeared to be dozens of folders with an undisclosed amount of data, mostly concerning finances, but nothing related to

DraftKings, the online fantasy-sports company, has filed a Form S-1 registration statement with the US Securities and Exchange Commission (SEC), which indicates SBTech, a company DraftKing acquired, was hit by a ransomware attack in March. It has been reported that according to the registration form, which is required by the SEC before companies may go public on Nasdaq, SBTech, an online gambling technology provider that merged with DraftKings, suffered the cyber attack befor

REvil, a ransomware gang, has leaked sensitive documents stolen from a US-based robotics company. On June 11, it has been reported that the team has started leaking confidential data belonging to Symbotic LLC. The report noted: “You do not want to speak with us and you probably think that we will not publish your data. We are already publishing.” However, the cybercriminal group stated that they had created a website and paid for the hosting for a year, as they threatened to

Recorded Future, a cybersecurity firm, has revealed that a ransomware attack named “Thanos” has been promoted on a number of darknet hacking forums since February 2020. On June 10, it has been reported that Recorded Future’s Insikt Group uncovered the new “ransomware-as-a-service” attack. However, “ransomware-as-a-service” methods consist of allowing external hackers to use the ransomware to attack their targets in exchange for adhering to a revenue-share scheme with the deve

Maze, the ransomware gang, threatens to leak stolen data from Threadstone Advisors, LLC, a US-based independent advisory firm, where Victoria Beckham, the former Spice Girl, businesswoman and the wife of the famous football player David Beckham, has worked. It has been reported that Threadstone Advisors, LLC worked with Victoria Beckham to establish an investment liaison with NEO investment partners. Among the advisory firm’s clients are Charles S. Cohen, Pittsburgh Brewing C

A ransomware gang launched an attack on the information technology systems of Alabama city of Florence in May, as this attack came despite warnings by cybersecurity firms about possible hacker infiltration into the city’s infrastructure. On June 8, it has been reported by KrebsOnSecurity that city officials intend to pay a ransom of nearly $300,000 by citing concerns that failing to do so may result in private citizens having their personal data leaked. If paid, the ransom wi

Ransomware gang Maze reportedly stole 1.5TB of sensitive data from the ST Engineering Aerospace, the US branch of an integrated engineering group, which works with various governments, and its partners. On June 6, it has been reported by The Straits Times that the Singapore-based company was allegedly attacked by Maze in March, citing an analysis by cybersecurity firm, Cyfirma. However, the report states that the data stolen by the criminals is related to contract details wit

Creators behind Zorab ransomware launched a fake tool that double-encrypts files affected by the attack. On June 5, it has been reported by Bleeping Computer that the creators behind released a fake STOP Djvu decryptor. Instead of recovering a victim’s data, this software appears to encrypt their files further with a second ransomware. However, when the victim opens one of these tools, the software extracts an executable file called crab.exe, as this is the Zorab ransomware i

Malware lab, Emsisoft has released a free decryptor tool on June 4 enabling victims to recover files encrypted by Tycoon (originally known as RedRum) ransomware attacks without needing to pay the ransom. Researchers from BlackBerry’s security unit first discovered the ransomware. Tycoon uses a Java file format to make it more difficult to detect before deploying its payload that encrypts the files. ICYMI we've released a free decryptor for the RedRum variant of Tycoon #ransom

Microsoft has revealed a new human-operated ransomware called “PonyFinal” that uses “brute force” against a target company’s systems management server and mainly has targeted the healthcare sector amidst the COVID-19 crisis. On May 27, it has been reported by a series of tweets published by the tech giant that PonyFinal requires hackers to break the security scheme of corporate networks in order to deploy the ransomware manually, as PonyFinal doesn’t rely on tricking the user

Educational sectors across the globe have been witnessing a surge in ransomware attacks in 2020. According to Verizon’s 2020 Data Breach Investigation Report, ransomware attacks account for approximately 80% of all cyberattacks suffered. It has been reported that the data suggests 92% of these incidents were motivated by financial reasons, while only 3% aimed to perform espionage activities on businesses operating within education. A Veruzon report shows a sharp increase of r

Sophos, the UK-based cybersecurity firm, has revealed that new details of Ragnar Locker ransomware attack, which runs a virtual machine on target computers in order to infect them with the ransomware, as this may play the attack beyond the reach of the computer’s local antivirus software. It has been reported that the Ragnar Locker attack is quite selective when choosing its victims, as it’s targets tend to be companies rather than individual users. However, Ragnar Locker ask

A ransomware gang is threatening to release legal secrets of the world’s biggest music and movie stars Lady Gaga, Elton John, Robert DeNiro, and Madonna, who are at risk of exposure after a ransomware attack on a high profile New York entertainment law firm. It has been reported that Grubman Shire Meiselas & Sacks, who have been hit by the REvil ransomware, also known as Sodinokibi, with the attackers threatening to release up to 756GB of stolen data in nine staged releases.

Maze, a cybercrime group, has hacked two plastic surgery studios with ransomware, as they consequently leaked patient’s social security numbers and other sensitive information on the Internet. On May 5, it has been reported that Brett Callow, the threat analyst of Emsisoft, has said that Maze recently took credit for hacking a plastic surgeon named Kristin Tarbet. They also claim to have hacked the Ashville Plastic Surgery Institute. However, he explained that in Tarbet’s cas

The “Nefilim” ransomware threatens to leak data of Victoria’s Secret if the demands are not met. Attackers are threatening if the company fails to make the required payments. It has been reported by ITNews that Australian logistics giant Toll Group suffered its second ransomware attack so far this year, with this type of ransomware (Nefilim). However, Toll Group had shut down its IT system after detecting “unusual activities.” The company responsible for delivering many hundr