FBI warns of Vice Society ransomware attacks on school districts


Level 78
Thread author
Honorary Member
Top Poster
Content Creator
Apr 24, 2016
FBI, CISA, and MS-ISAC warned today of U.S. school districts being increasingly targeted by the Vice Society ransomware group, with more attacks expected after the start of the new school year.

"The FBI, CISA, and the MS-ISAC have recently observed Vice Society actors disproportionately targeting the education sector with ransomware attacks," today's joint advisory reads.

They also "anticipate attacks may increase as the 2022/2023 school year begins and criminal ransomware groups perceive opportunities for successful attacks."

The joint advisory also provides network defenders with Vice Society indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) observed by the FBI in attacks as recently as September 2022.

"The FBI, CISA, and the MS-ISAC encourage organizations to implement the recommendations in the Mitigations section of this CSA to reduce the likelihood and impact of ransomware incidents," the advisory adds.

Attacks on the education sector, mainly targeting kindergarten through K-12 institutions, have a massive impact on their operations, ranging from restricted access to networks and data, delayed exams, and canceled school days to the theft of personal information belonging to students and school staff.

One such attack was disclosed today by Los Angeles Unified (LAUSD), the second largest school district in the U.S., after a ransomware attack took down some of its Information Technology (IT) systems over the weekend—LAUSD hasn't yet attributed the attack to a specific ransomware gang.


Staff Member
Malware Hunter
Jul 27, 2015
The clock is ticking for the Los Angeles Unified School District (LAUSD) — the second largest in the country. Following a ransomware attack at the beginning of the month, it has now has been given an ultimatum: meet Vice Society's ransom payment demands or have their data released to the public for anyone, including phishers and other cybercriminals, to access.

Brett Callow, a threat analyst for Emsisoft, shared a screen capture of the Vice Society leak site that shows the ransomware group is threatening to publish the goods in just a few days. "The papers will be published by London time on October 4, 2022 at 12:00 a.m." the notice read. The district has not provided an update on the types of information the cyberattackers are threatening to release, one district parent told Dark Reading.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.