Security News

Ransomware attacks continue over the past two weeks with a continuation of the massive initial ransom demands we have seen recently. As ransomware stalks the manufacturing sector, victims are still keeping quiet In addition to Norsk Hydro, CyberScoop requested interviews with a dozen manufacturers in Europe and the U.S. that have reportedly had their production disrupted by ransomware incidents in the last two and half years.

UPDATE. The Conti Gang has demanded a $40 million ransom from a Fort Lauderdale, Fla., school district after a ransomware attack last month. New details have emerged on DataBreaches.net, which recently posted a screenshot of a chat between attackers and a school district official about the sum of money attackers demanded.

Some of the top ransomware gangs are deploying a new pressure tactic to push more victim organizations into paying an extortion demand: Emailing the victim's customers and partners directly, warning that their data will be leaked to the dark web unless they can convince the victim firm to pay up. Several gigabytes of the company's files - including employee tax and financial records - have been posted to the victim shaming site for the Clop ransomware gang.

On March 19, the Ziggy ransomware administrator said that they also wanted to return the money to the victims that paid the ransom. Today, after a week of silence, the admin said that they were ready to revert payments.

A ransomware operation known as 'Clop' is applying maximum pressure on victims by emailing their customers and asking them to demand a ransom payment to protect their privacy. After the Clop gang stole data from jet maker Bombardier in an Accellion hack, they leaked a small amount on their ransomware data leak site.

Dnwls0719 found a new Rapid ransomware variant that appends the. Xiaopao found a new variant of the Xorist ransomware that appends the.

USDT cryptocurrency developer Tether has said they are being extorted by threat actors who are demanding 500 bitcoins, or approximately $24 million, not to leak allegedly stolen emails and documents. While Tether has stated that the documents circulating online are forged, they revealed yesterday that they received a ransom note demanding 500 bitcoins or this alleged data dump will be publicly released online.

Kia Motors America has suffered a ransomware attack by the DoppelPaymer gang, demanding $20 million for a decryptor and not to leak stolen data. Kia Motors America is headquartered in Irvine, California, and is a Kia Motors Corporation subsidiary.

Polish game developer CD Projekt Red has been hit by hackers, who breached its internal network, stole data, encrypted some devices, and asked for a ransom to not sell of leak online sensitive company documents and the source code of some of their more popular games. The company categorized the attack as targeted, and admitted that the attacker managed to access the company's internal network and "Collected certain data belonging to CD PROJEKT capital group."

CD Projekt Red, the Polish developer of Cyberpunk 2077 and The Witcher 3, has disclosed a major security incident in which several company systems were encrypted and confidential data stolen. "If we will not come to an agreement, then your source codes will be sold or leaked online and your documents will be sent to our contacts in gaming journalism," wrote the attackers, who added CD Projekt Red had a 48-hour deadline to respond to their demands.