Ransomware Attack on Texas Clinic Affects 33k, Some Patient Records Lost

A ransomware attack on Grand Prairie, Texas-based Rainbow Children’s Clinic in early August reportedly affected 33,638 patients, according to Information Management.

On Aug. 3, a hacker launched a ransomware attack on the clinic’s computer system, encrypting data on the clinic’s servers. Rainbow Children’s Clinic attempted to quickly shut down its system, but an investigation conducted by a forensic expert proved a number of patient records had been deleted, reports Healthcare Finance News.

The potentially “irretrievably deleted” records may include patients’ names, addresses, dates of birth, Social Security numbers, medical information and payment guarantors.

Read More>>

London’s financial Center Bombarded With Ransomware

People who work in the City of London, the UK capital’s financial centre, are being targeted by a specific kind of computer attack that holds digital files to ransom.

Cybersecurity company Malwarebytes says that the City of London is a hotbed for ransomware attacks compared to the rest of Europe.

The company monitored cybersecurity threats for just over a year to see which parts of Europe had the most attacks. It found that the City of London suffered 10,500 ransomware attacks, which is 670% more than the second-biggest target, Manchester.

Ransomware attacks increased five times in the last year

We’re facing an ‘epidemic’ in ransomware, Kaspersky Lab says, trying to help everyone understand the scale of the problem. Just in one year, between April 2015 and March 2016, the security reseachers logged 718,536 users being hit with this type of malware.

That represents a 5.5-times increase in the number of ransomware attacks, compared to the same period a year before.

The worst thing about this is, at least according to Kaspersky Lab, is that victims tend to pay the ransom, just drawing more cyber-criminals into the ‘business’.

Ransomware scum build weapon from JavaScript

New ransomware written entirely in JavaScript has appeared encrypting users files for a US$250 (£172, A$336) ransom and installing a password-stealing application.

Researchers @jameswt_mht and @benkow_ found the ransomware they dubbed RAA.

Bleeping Computer malware man Lawrence Abrams described the ransomware noting it is shipped as a JS file and uses the CryptoJS library for AES encryption.

“RAA is currently being distributed via emails as attachments that pretend to be doc files and have names like mgJaXnwanxlS_doc_.js,” Abrams says.

Ransomware runs riot: Huge rise in online extortion observed

It’s no secret that ransomware is fast becoming a favourite of cybercriminals, and another report has confirmed the dizzying rise of this strain of malware.

Apparently there are now over 120 different families of ransomware, and a massive 3,500% increase has been witnessed in the scope of the net infrastructure which criminals use to run ransomware stings.

The latter statistic comes from Infoblox which monitors the web domains that cybercriminals use to host sites containing information on their malware and payment instructions – along with the payment systems themselves (which invariably involve extorting a considerable chunk of virtual cash in the form of Bitcoins).

yahoo logo

Ransomware threat spooks House of Representatives

The House of Representatives has been targeted by a series of attempted ransomware attacks. Representatives and their staff are being warned by the House’s tech support staff to avoid any suspicious links sent to them via email, as that seems to be where the attackers are focusing their attention.

Ransomware is a form of malware attack that’s seen an upswing of attention in recent months. It works by baiting users into running code that encrypts the files on their computers, locking them out. At that point, the only way to remedy the situation is to pay a ransom to the perpetrator.

Ransomware attack forces Michigan utility to shut down systems, phone lines, email

Last week was a busy week when it comes to ransomware. New victims included a utility company, visitors to a toymaker’s website, pirates sailing The Pirate Bay and many more. Some cyber crooks are now demanding gift cards for ransom instead of bitcoin.

While it wasn’t all bad news, there are new decryptors and detectors, the FBI published a new warning about the proliferation of increasingly sophisticated ransomware campaigns.

Homeland Security Issues Ransomware Alert for Networked Systems

The US Department of Homeland Security issued a ransomware alert through the US Computer Emergency Readiness Team (US-CERT) to organizations that use networked systems, warning them of the potential dangers stemming from this type of malware.

DHS issues ransomware alert for organizations using networked systems. In conjunction with the Canadian Cyber Incident Response Centre (CCIRC), DHS explained that the alert is designed “to provide further information on ransomware, specifically its main characteristics, its prevalence, variants that may be proliferating, and how users can prevent and mitigate against ransomware.”

Locky Ransomware Infecting 90,000 Systems Daily

Ransomware is quickly becoming a mainstream form of malware, according to the Clearwater, Fla.-based cybersecurity firm KnowBe4, and one driving factor is the significant amount of cash being racked up by the notorious Dridex banking Trojan gang with its new Locky strain.

Locky was linked to the Russian Dridex gang by IT security companies Proofpoint and Palo Alto Networks as the most prominent form of operating banking malware, replacing former frontrunner CryptoWall.

Scroll to Top