Security News > 2020 > December > Vancouver Metro Disrupted by Egregor Ransomware

On the heels of targeting struggling U.S. retailer Kmart, the Egregor gang also disrupted the Vancouver metro system with a ransomware attack.

The attack took place on Dec. 1 and left Vancouver residents and other users of the public transit service unable to use their Compass metro cards or pay for new tickets via the agency's Compass ticketing kiosks, according to media reports.

Though officials did not come out and say Egregor was responsible for the attack-and the threat actors behind the ransomware have not 'fessed up to it either - the ransom note that accompanied the attack points to the group as the culprit.

Put Ransomware on the Run: Save your spot for "What's Next for Ransomware," a FREE Threatpost webinar on Dec. 16 at 2 p.m. ET. Find out what's coming in the ransomware world and how to fight back.

Topics will include the most dangerous ransomware threat actors, their evolving TTPs and what your organization needs to do to get ahead of the next, inevitable ransomware attack.

News URL

https://threatpost.com/vancouver-metro-egregor-ransomware/161892/