Microsoft claims this devious ransomware gang is attacking schools
Date:
Wed, 26 Oct 2022 17:47:58 +0000
Description:
US schools targeted with different ransomware strains including BlackCat.
FULL STORY ======================================================================
A well-known ransomware operator has been targeting schools in the United States, using a signature move of ransomware payload swapping, experts have claimed.
A report from Microsoft researchers claims to have observed Vice Society switching ransomware payloads in attacks against schools in the US between July and October this year.
The company's latest cybersecurity report claims the group regularly swaps between BlackCat, QuantumLocker, Zeppelin, and a Zeppelin variant modified to carry Vice Society's brand identity. Since September, though, the group has also been deploying a modded version of the RedAlert payload, which adds the .locked file extension to all the files it encrypts.

Stealing sensitive data

The group has also reportedly been using the HelloKitty/Five Hands ransomware, and in some cases, Microsoft added, the group skips the encryption part altogether and just steals the data. Later, it threatens to release the data to the public unless the ransom demand is met.
"In several cases, Microsoft assesses that the group did not deploy ransomware and instead possibly performed extortion using only exfiltrated stolen data," Microsoft's report reads. "The shift from a ransomware as a service (RaaS) offering (BlackCat) to a purchased wholly-owned malware offering (Zeppelin) and a custom Vice Society variant indicates DEV-0832 has active ties in the cybercriminal economy and has been testing ransomware payload efficacy or post-ransomware extortion opportunities."
In September 2022, Vice Society released 500GB worth of sensitive data belonging to the Los Angeles Unified School District (LAUSD). The threat actor managed to encrypt LAUSD's endpoints, but not before making off with folders named SSN, Secret and Confidential, Passport, and Incident.
The organization confirmed it had no intention of paying the ransom demand: "Los Angeles Unified remains firm that dollars must be used to fund students and education," the organization had said. "Paying ransom never guarantees
the full recovery of data, and Los Angeles Unified believes public dollars
are better spent on our students rather than capitulating to a nefarious and illicit crime syndicate."
LAUSD encompasses more than a thousand schools, 26,000 teachers, and 600,000 students.
Via: BleepingComputer
======================================================================
Link to news story:
https://www.techradar.com/news/microsoft-claims-this-devious-ransomware-gang-is-attacking-schools/
--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)