The Week in Ransomware – December 10th 2021
This week has quite a bit of ransomware news, including arrests, a new and sophisticated ransomware, and an attack bringing down 300 supermarkets in England.
This week’s biggest story is a law enforcement operation conducted by the FBI and Ontario Provincial Police (OPP) that arrested a Canadian ransomware affiliate allegedly involved in hundreds of attacks.
We also learned about the new ALPHV (aka BlackCat) ransomware that appears to be one of the most sophisticated ransomware families we have seen this year.
Lastly, this week’s biggest known ransomware attack was on James Hall and Co, which affected point-of-sale systems and led to the temporary closing of over 300 Spar supermarkets in England. This week’s other known attack is on Nordic Choice Hotels by the Conti ransomware gang.
Contributors and those who provided new ransomware information and stories this week include: @Ionut_Ilascu, @FourOctets, @PolarToffee, @fwosar, @jorntvdw, @malwrhunterteam, @malwareforme, @LawrenceAbrams, @serghei, @Seifreed, @demonslay335, @billtoulas, @Ax_Sharma, @BleepinComputer, @VK_Intel, @DanielGallagher, @struppigel, @Boanbird, @GDATA, @pancak3lullz, @fbgwls245, @pcrisk, @Amigo_A_, and @ValeryMarchive.
December 5th 2021
New BigLock Ransomware variant
dnwls0719 found a new BigLock variant that appends the .t1000 extension.
December 6th 2021
Hundreds of SPAR stores shut down, switch to cash after cyberattack
Approximately 330 SPAR shops in northern England face severe operational problems following a weekend cyberattack, forcing many stores to close or switch to cash-only payments.
New Dharma Ransomware variants
PCrisk found two new Dharma variants that append the .Deeep and .DC extensions.
New STOP Ransomware variant
PCrisk found a new STOP ransomware variant that appends the .hgsh extension.
December 7th 2021
Nordic Choice Hotels hit by Conti ransomware, no ransom demand yet
Nordic Choice Hotels has now confirmed a cyber attack on its systems from the Conti ransomware group.
New Cerber ransomware targets Confluence and GitLab servers
Cerber ransomware is back, as a new ransomware family adopts the old name and targets Atlassian Confluence and GitLab servers using remote code execution vulnerabilities.
STOP Ransomware vaccine released to block encryption
German security software company G DATA has released a vaccine that can block STOP Ransomware from encrypting victims’ data after infection.
Alleged ransomware affiliate arrested for healthcare attacks
A 31-year-old Canadian national has been charged in connection with ransomware attacks against organizations in the United States and Canada, a federal indictment unsealed today shows.
December 8th 2021
New VoidCrypt ransomware variant
dnwls0719 found a new VoidCrypt variant that appends the .wixawm extension.
December 9th 2021
ALPHV BlackCat – This year’s most sophisticated ransomware
The new ALPHV ransomware operation, aka BlackCat, launched last month and could be the most sophisticated ransomware of the year, with a highly-customizable feature set allowing for attacks on a wide range of corporate environments.
December 10th 2021
Volvo Cars discloses security breach leading to R&D data theft
Swedish carmaker Volvo Cars has disclosed that unknown attackers have stolen research and development information after hacking some of its servers.
Ransomware: How the LockBit 2.0 franchise artificially inflates its numbers
Some backers of the LockBit 2.0 ransomware franchise claim victims that they did not attack, but to whom data stolen in another attack belongs or pertains.
New STOP Ransomware variant
PCrisk found a new STOP ransomware variant that appends the .mljx extension.
New Phobos Ransomware variant
PCrisk found a new STOP ransomware variant that appends the .pHv1 extension.
New Dharma Ransomware variant
PCrisk found a new Dharma ransomware variant that appends the .Xqxqx extension.
That’s it for this week! Hope everyone has a nice weekend!