Security News > 2021 > March > The Week in Ransomware - March 5th 2021 - Targeting service providers
This week we have seen ransomware attacks targeting online service providers and MSPs to not only encrypt the victim but also cause significant outages for their customers.
As for new ransomware, we continue to see new variants released and new in-development threats, such as a strange one that only decrypts victims if they join the threat actor's Discord server.
The transport system for the Australian state of New South Wales has suffered a data breach after the Clop ransomware exploited a vulnerability to steal files.
When Viruses Mutate: Did SunCrypt Ransomware Evolve from QNAPCrypt? This report uses both dark web research and malware analysis to investigate the connection between the affiliate ransomware service known as SunCrypt and the QNAPCrypt ransomware, the latter of which was used against QNAP and Synology devices back in 2019.
While the two ransomware are operated by distinct different threat actors on the dark web, there are strong technical connections in code reuse and techniques, linking the two ransomware to the same author.
US managed service provider CompuCom has suffered a DarkSide ransomware attack leading to service outages and customers disconnecting from the MSP's network to prevent the spread of malware.