WanaCrypt0r – A dive into the code


Introduction During the past few days, as one might expect, we’ve been getting lots of news, reports, and files for the ransomware entitled WanaCrypt0r/WannaCry/WanaCrypt. First and foremost, the good news is that customers of PC Matic SuperShield were protected from WanaCrypt0r the entire time. However, this post aims to provide a technical analysis of how […]



WannaCry Impacted Over 200K Endpoints Worldwide

WannaCry Distributes Biggest Cyber Attack to Date A massive ransomware attack has hit worldwide, impacting various countries and tens of thousands of endpoints.  According to CNBC, over 200,000 malicious attacks were distributed last Friday, May 12, 2017, in over 150 different countries.  However, these statistics are expected to increase as additional information is released. The […]



Providence Law Firm Pays Cyber Criminals, Files Remained Locked

Providence Law Firm Pays Cyber Criminals Thousands A prominent law firm, located in Providence, Rhode Island, was hit with ransomware three months ago.  Their systems are back to normal after the attack hit, but not until after they paid the cyber criminal thousands. The law firm was hit with an unknown ransomware variant months ago. […]



Greenway Health Struggles to Recover After Ransomware Hit

Ransomware, the malicious software that locks files until a payment demand is made, has recently hit Greenway Health, located in Carrollton, Georgia.  Greenway Health is an electronic health records vendor.  Total, they serve over 75,000 different healthcare facilities. The ransomware strike occurred last week; however, some of the Greenway Health users are still unable to […]



45% of SMBs Don’t Retrieve Files After Paying Ransom Demands

SMBs Short Changed After Meeting Cyber Criminals’ Demands One of the many risks ransomware victims face is the likelihood that they pay the ransom but don’t get the decryption keys to actually unlock their files.  In a recent study done by SpiceWorks, a shocking 45% of small and medium sized businesses (SMBs) are not retrieving their […]



Newark City Hall Held Hostage – $30K Ransom Demanded

Ransomware Strikes Again… This time, it was the City Hall in Newark, New Jersey.  The attack reportedly began on Friday, April 21st, and continued to spread over the weekend.  According to KnowBe4, Seth Wainer, Chief Information Officer for the City of Newark, reported, “The virus compromised our network and disrupted many services that we offer. […]



Erie County Medical Systems Remain Down Almost Two Weeks After Attack

Erie County Medical Center Remains Down 13 Days After Attack Erie County Medical Center, located in Buffalo, New York, was recently hit with a virus, leaving its systems down for the last 13 days.  Although the medical facility has yet to confirm the virus was ransomware, Buffalo News reported that this is indeed the case. […]



Locky Ransomware Variant Returns with a Vengeance

Old Ransomware Returns with A Bang Many reports have reported 2016 as the year of ransomware.  This can largely be attributed to the ransomware variant, Locky.  However, in 2017, Locky ransomware has been on somewhat of a hiatus.  This led to another ransomware variant, Cerber, becoming the most popular ransomware of 2017. However, it appears Locky […]



Rensenware Wants You to Play — Not Pay

Rensenware Demands Victims Earn Their Files Back Ransomware, the malicious software that locks your files and demands a payment to retrieve them, was recently taken to a different level.  A new ransomware variant, deemed Rensenware, locks your files and demands the victims play a game, Touhou Seirensen.  Victims have to earn 200 million points on […]



ABCD Pediatrics Breached and Hit with Ransomware

ABCD Pediatrics Hit Twice by Cyber Criminals Another ransomware attack was reported, this time by ABCD Pediatrics, located in San Antonio, Texas.  Ransomware reports have sadly become the norm lately, but this one is a bit different.  Not only was the medical facility hit with ransomware, their IT department also reported unknown user IDs created, […]



Oahu Man Falls Victim to Ransomware Attack

Ransomware Victim Pays $599 and Remained Hacked After clicking on a malicious ad, an Oahu man found himself the victim of a ransomware attack.  The man clicked on the ad, and his files were immediately encrypted by the cyber criminals.  The ransomware message from the hackers displayed a support phone number for the victim […]



Forsyth Public Schools Overrun with Malware

Forsyth Schools Hacked Forsyth Public Schools, located in Montana, was the victim of a major hack over the weekend.  They are uncertain when the hack began, but it was identified on Saturday, April 1, 2017.  According to Last Best News, the school received three emails prior to the attack, saying they had to pay a ransom […]



Dutch Parliament “Briefly” Hit with Ransomware

Are the Turks responsible for the ransomware hit on the Dutch Parliament? As previously reported, there has been some hostility overseas between Turkey and Germany and the Netherlands.  Germany and the Netherlands have banned Turkish ministers from campaigning in their regions for an upcoming election.  This ban has caused strains between the three areas, which […]



Another Urology Clinic Hit With Ransomware

Another Urology Clinic is Victimized In late 2016, the Metropolitan Urology Group was hit with ransomware.  Now, Urology Austin, located in Austin, Texas, just released they were hit with ransomware on January 22, 2017.  Ransomware, the malware that locks critical files and demands a payment from the victim to release the files, has been taking the […]



Richmond Housing Agency Loses Data After Ransomware Attack

Richmond Housing Agency Lost a Month’s Worth of Data The Richmond Housing Agency, in Indiana, was recently hit with a ransomware attack.  The systems were infected on February 27, 2017.  The ransomware variant is believed to have ties back to India.  After encrypting the housing agency’s systems, hackers demanded $8,000 to restore the company’s […]



Metropolitan Urology Group Suffers Breach Due to Ransomware Attack

Metropolitan Urology Group Found Patient Information Leaked During Ransomware Attack In November, 2016, the Metropolitan Urology Group (MUG) was hit with a ransomware attack.  Two months later, in January, 2017, MUG discovered the hackers obtained private, patient information during the attack.  The patients impacted are those who rendered services between 2003 and 2010.  The information exposed […]



Appropriate Defense Against Ransomware is Not Backups

The Today Show featured another piece on cyber security today, this time discussing ransomware.  During which, Tom Costello claimed the best way to protect yourself from a ransomware attack is to back up your data.  This cannot be further from the truth.  First of all, backups do not protect you from becoming a victim of ransomware.  It can be […]



Wood River Police Department Catches Ransomware Before Major Issues Presented

Wood River Police Department of Illinois Hit With Ransomware According to The Telegraph, on March 5, 2017 the Wood River Police Department was hit with a malicious phishing attack that included ransomware.  The phishing attack was successful, infecting one computer.  However, the issues that presented after the attack set off red flags for the officers. […]



State Senate Crippled After Ransomware Attack

PA State Senate Ransomware Attack Pennsylvania senators were unable to access their computer networks and data after ransomware took over the Pennsylvania Senate’s computer systems.  According to 10 TV, the attack hasn’t affected the state’s networks, which are separate from the Senate’s computers. The ransomware variant that successfully infiltrated the Senate’s system is not being disclosed, nor […]



Corporations Boost Bitcoin Supply in Preparation for Ransomware Attacks

Companies Are Prepping to Pay Cyber Criminals According to Coin Telegraph, many corporations are preparing for ransomware attacks by increasing their supply of the non-traceable currency, bitcoins.  Since bitcoins are not traceable, it is typically the currency of choice by hackers. Am I the only one who thinks this is absolutely absurd? Malware attacks of […]



2.2M Voice Recordings Leaked From Children’s Toy, CloudPets

CloudPets Breached Leaving 820k Users Exposed The children’s toy, CloudPets, has been breached, leaving 820,000 users exposed.  This led to an estimated 2.2 million voice recordings between parents and their children being leaked.  What is most shocking is just how avoidable this data breach was. According to Troy Hunt, the platform the toy used, MongoDB, did […]



Bingham County Struggles to Recover After Ransomware Attack

Bingham County Taken Offline After Ransomware Attack Bingham County of Idaho continues to struggle to get all of their systems back online after ransomware hit their systems last Wednesday.  On February 15, 2017 the county first discovered the ransomware.  Every county office has been impacted in some way, whether it is their phones, database, or […]



75% of Ransomware Developed Has Russian Ties

Russians Lead In Ransomware Development Russian based security company, Kaspersky, has confirmed 75% of crypto ransomware was developed by Russians or Russian-speaking individuals.  To some, that may be surprising.  For others, it may validate what they’ve assumed all along. According to Computing, there were 47 crypto ransomware variants that were developed by Russians or Russian-speaking individuals in 2016.  All […]



Illinois Police Department Corrupted With Ransomware

The Telegraph recently reported another ransomware attack, this time taking down an Illinois police department.  Roxana Police Department is remaining tight-lipped regarding the issue, but did confirm their systems have been infected with ransomware.  However, here is what we don’t know: When the attack took place How the ransomware got onto the police department’s systems The […]



UK City Council Loses Two Years Of Data After Ransomware Strikes

According to Mirror, UK City Council located in Tiverton has just lost two years worth of data after a town clerk, John Vanderwolfe, clicked on a malicious attachment.  Vanderwolfe stated clicking on the link was a lapse in judgement.  He said instead of populating the data he expected after clicking the link, it just came up as a […]



Ohio Government Completely Paralyzed After Ransomware Attack

Ransomware Hit County Government Hard… After a vicious ransomware attack, the Licking County websites, phones, computers and county’s network have been taken offline.  The systems are projected to remain offline until the end of this week.  The problem was discovered Tuesday evening, and critical systems were immediately taken offline.  The specific ransomware variant is not being disclosed, […]



Professor Infects California Nursing School With Ransomware

In November, 2016, a professor at a California nursing school, Gurnick Academy, was attempting to access his lectures. The lectures were saved on an external storage device, which he plugged into his work PC.  It was then that he realized his lectures were gone.  Completely encrypted.  He contacted the school’s IT department for assistance.  Luckily, the IT department worked not […]



Ransomware Locks 80 Hotel Guests Out of Their Rooms

Hackers Paid to Restore System After Ransomware Locks Guests Out of Rooms Top European hotel, Romantik Seehotel Jägerwirt, located in Austria, was recently infected with ransomware.  The variant, although unknown, took complete control of the hotel’s day-to-day operations.  This included not only encrypting hotel files, but also interrupting their electronic key system for guest rooms. Due to […]



D.C. Surveillance Cameras Inoperable After Ransomware Attack

Surveillance Cameras Infected With Ransomware Days before Trump’s inauguration, the Metropolitan Police Department discovered 123 surveillance cameras were inoperable due to two separate ransomware infections.  The infections were found on January 12th and by January 15th the systems had been restored.  Investigators resolved the issues by identifying and disconnecting the infected devices.  All of the […]



“Bluff” Ransomware Reels in Thousands of Dollars

The threat of ransomware continues to grow on a daily basis.  Hackers are aware of this, and continue creating new ransomware variants to victimize new individuals.  It is now clear, just the thought of being infected has become enough to pay. “Bluff” Ransomware Who would’ve predicted cyber criminals would just send the ransom note, without actually infecting […]



Cockrell Hill Police Department Loses 8 Years Worth of Evidence to Ransomware

Cockrell Hill Police Department Takes Massive Hit Cockrell Hill Police Department, located in Cockrell Hill, Texas, has recently lost eight years of police evidence after a ransomware attack.  According to Bleeping Computer, the attack was discovered on December 12, 2016. The ransomware variant used to encrypt the police department’s data is not being disclosed.  The police […]



Horse Racing Site Forced Offline After Third Consecutive Ransomware Attack

Three Strikes–You’re Out! Racing Pulse, a popular horse racing website that is based out of Bangalore, India, was forced offline on January 17, 2017 after suffering its third ransomware attack in a week.  The last, and most critical, encrypted their entire site. Dharma ransomware, the variant that took down Racing Pulse, encrypted all of the website’s data.  The […]



St. Louis City Public Library No Longer Offering Free PC Use

Update 1/27/2017: After two days, the St. Louis City Public Library technical staff was able to fix the impacted computers.  The system hard drives were wiped completely and restored with available back-ups.  The St. Louis City Public Library is currently unable to offer free computer use to the community due to a ransomware attack that […]



Hackers Demand $43K To Restore Indiana Cancer Services’ Systems

Cyber criminals have hit a new low, proving they don’t care who their victims are as long as it may lead to a large payout.  According to Network World, hackers breached Indiana Cancer Services’ systems on January 10, 2017.  They then encrypted a server, followed by a ransom demand of $43,000 to restore this server. […]



Ransomware Victimizes Kanawha County Schools

Kanawha County Schools Struggles To Regain Access Another county school was victimized by ransomware this week.  Kanawha County Schools, located in Charleston, West Virginia was hit with ransomware on January 11, 2017.  As of today, January 13, 2017, the school continues to work on regaining access to their encrypted files. Officials are not reporting the […]



The Latest Ransomware Craze – Holding MongoDB Databases Hostage

As if our jobs as IT admins aren’t difficult enough, hackers have taken to finding misconfigured MongoDB databases and are holding them hostage until a ransom has been paid. Similar to traditional ransomware, where files on a computer are encrypted until a fee has been paid, databases are being held hostage instead. The modus operandi […]



Four Months After Infection, Medical Facility Discloses Ransomware Attack

Ransomware hit yet another medical facility.  On August 30, 2016, ransomware struck the Susan M. Hughes Center, impacting both office locations.  The Center is located in Glen Mills, Pennsylvania and Cherry Hill, New Jersey.  This attack impacted over 11,000 patient records.  However, the Center did not inform the patients of the security issue until late […]



LA Community College District Pays $28K to Retrieve Locked Files

The first publicized ransomware attack of 2017 is a hefty one! After returning to school after the holiday break, Los Angeles Valley College found their computer files were inaccessible.  It didn’t take long for the college to determine it was a malicious cyber attack that took down their systems.  According to The Washington Times, the school notified […]



Ransomware Offers Decryption Keys if Victim Educates Themselves on Cyber Security

Ransomware, malware that encrypts your files and holds them for ransom, has taken an interesting turn.  Typically after encryption, the cyber criminals make a payment demand in order for the decryption keys to be sent to the victim.  However, a new ransomware has hit the market that makes a slightly different demand. Ransomware Offers Free […]



Another California Medical Center Struck With Ransomware

Ransomware Strikes Another California Medical Center This has been a rough year for California medical institutions being victimized by ransomware.  Another medical facility, East Valley Community Health Center, located in West Covina, was struck with ransomware in October of 2016.  Reports by Health Data Management state the facility’s computer systems were fixed within a day of the […]



Why Ransomware Continues to Spread

2016 – The Year of Ransomware CIO from IDG recently published an article regarding the upswing our nation has seen in ransomware infections in 2016.  It is without a doubt, 2016 has been the year of ransomware.  However, very little headway has been made to prevent future infections.  It seems the common consensus is to throw […]
