The Week in Ransomware - October 14th 2022 - Bitcoin Trickery
- October 14, 2022
- 06:36 PM
This week's news is action-packed, with police tricking ransomware into releasing keys to victims calling ransomware operations liars.
The most interesting news this week is about the Dutch Police and Responders.NU working some trickery on the DeadBolt Ransomware operation that caused them to fork over 155 decryption keys for victims.
We also learned some information about some attacks that were made public recently.
Healthcare org CommonSpirit admitted this week that they suffered a ransomware attack. However, ADATA denies they suffered a recent attack by RansomHouse and says the data is being recirculated from a 2021 breach by RagnarLocker.
Contributors and those who provided new ransomware information and stories this week include: @struppigel, @VK_Intel, @serghei, @BleepinComputer, @billtoulas, @LawrenceAbrams, @malwareforme, @demonslay335, @FourOctets, @jorntvdw, @PolarToffee, @Ionut_Ilascu, @Seifreed, @fwosar, @malwrhunterteam, @DanielGallagher, @AuCyble, @UID_, @linuxct, @MsftSecIntel, @ahnlab, @Amermelsad, @TrendMicro, and @pcrisk.
October 8th 2022
October 10th 2022PCrisk found a VoidCrypt variant that appends the .solo extension and drops a ransom note named unlock-info.txt.
October 11th 2022
October 12th 2022
October 13th 2022
PCrisk found a new Dharma variant that appends the .CYBER extension to encrypted files and drops a ransom note named CYBER.txt.
October 14th 2022
Sebastien Vachon-Desjardins, an affiliate of the Netwalker ransomware gang, it tried returning the funds to Canadian victims. Some organizations refused to acknowledge being hit, she said.