Latest Ransomware News and New File Extensions

Muji (via Supplier Attack):
New Encrypted File Extension: Not specified.
Attack Methods: Supply chain attack; a ransomware attack on the company’s delivery partner, Askul, caused a logistics outage.
Targets: Japanese retail company Muji was impacted, while its supplier, Askul, was the direct target.
Decryption Status: No known decryption …

Qilin:
New Encrypted File Extension: Not specified in the provided data.
Attack Methods: Victim data published on the group’s data leak site as part of a double-extortion strategy. Specific intrusion vectors are not detailed.
Targets: A wide range of global organizations across various sectors including healthcare (London Women’s …

Rhysida:
New Encrypted File Extension: Not specified in the articles.
Attack Methods: Abused over 200 revoked Microsoft Azure digital certificates to sign malicious, fake Microsoft Teams binaries, which were then used to deploy the ransomware.
Targets: Healthcare sector (e.g., Hematology Oncology Consultants) and other organizations susceptible to fake …

Rhysida:
New Encrypted File Extension: Not specified.
Attack Methods: A recent campaign involved using over 200 fraudulently signed certificates to sign malicious binaries, particularly fake Microsoft Teams setup files. This method was used to deliver the Oyster backdoor, which then deployed the Rhysida ransomware.
Targets: The certificate-abusing campaign …

Rhysida:
New Encrypted File Extension: Not specified in the articles.
Attack Methods: Distributing fake Microsoft Teams installers signed with fraudulently revoked certificates. These installers deploy the Oyster backdoor, which is then used to deploy the Rhysida ransomware.
Targets: Broadly targeting organizations, including a German manufacturing company (GEIGER), a …

Qilin:
New Encrypted File Extension: Not specified in the articles.
Attack Methods: Not specified in the articles; the group posts victim data on its leak site.
Targets: A wide range of global organizations across multiple sectors, including transportation (All Truck Transportation, Volkswagen Group France), real estate (Charles River …

Qilin:
New Encrypted File Extension: Not specified.
Attack Methods: Not specified in the provided articles; primary tactic appears to be data exfiltration and extortion.
Targets: A wide range of sectors including Electric Cooperatives (Karnes Electric, San Bernard Electric), Banking (Bank3), Government (hautsdefrance.fr), and various manufacturing/technology firms in the …

Coinbasecartel:
New Encrypted File Extension: Not specified in the articles.
Attack Methods: Not specified in the articles.
Targets: Multiple organizations across various sectors, including logistics (PLC-Transportation, dsv.com, Kuehne + Nagel), financial consulting (Borrowell.com), legal services (Legal Boutique), software (Canias ERP), and healthcare (Carewell).
Decryption Status: No known public …

LockBit:
New Encrypted File Extension: Not specified in the article.
Attack Methods: Abusing the legitimate open-source digital forensics and incident response (DFIR) tool “Velociraptor” for malicious activities post-compromise.
Targets: General targets; specific entities not mentioned in this campaign.
Decryption Status: No known public decryptor for recent versions.
Source: …

LockBit / Babuk:
New Encrypted File Extension: Not specified.
Attack Methods: Abusing the Velociraptor digital forensics and incident response (DFIR) tool to maintain persistent access to compromised networks.
Targets: General corporate networks.
Decryption Status: No specific information available.
Source: [URL not provided in source data]

ShinyHunters (Extortion Group): …