Gandalf_The_Grey
Level 82
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
- Apr 24, 2016
- 7,189
While ransomware attacks decreased after the LockBit and BlackCat disruptions, they have once again started to ramp up with other operations filling the void.
A relatively new operation called RansomHub gained media attention this week after a BlackCat affiliate used the newer operation's data leak site to extort Change HealthCare once again.
Change HealthCare allegedly already paid a ransom, which was stolen from an affiliate in an exit scam by the BlackCat/ALPHV ransomware operation. However, the affiliate behind the attack claims to have kept the stolen data and is now extorting the company again through RansomHub.
So far, the Change Healthcare attack has cost UnitedHealth Group $872 million, with losses expected to continue.
Another disruptive attack we learned more about this week is the Daixin operation claiming the cyberattack on Omni Hotels. This attack caused the hotel chain to shut down its IT systems, impacting reservations and requiring hotel staff to let guests into their rooms.
Other attacks targeted chipmaker Nexpira, the United Nations Development Programme (UNDP), Octapharma Plasma, and the Atlantic States Marine Fisheries Commission (ASMFC).
There were other cyberattacks this week, such as the one on Frontier Communications, but they have not been confirmed to be ransomware.
In other news, the U.S. Justice Department charged a Moldovan national for running a large-scale botnet that infected thousands of computers and deployed ransomware.
Last but not least, the FBI reported that the Akira ransomware operation had earned $42 million from 250+ victims, and HelloKitty returned, rebranding as HelloGookie.
The Week in Ransomware - April 19th 2024 - Attacks Ramp Up
While ransomware attacks decreased after the LockBit and BlackCat disruptions, they have once again started to ramp up with other operations filling the void.
www.bleepingcomputer.com