Illinois High School Victim of Targeted Ransomware Attack

J. Sterling Morton High School Targeted Victim of Ransomware J. Sterling Morton High School, located in Cicero, Illinois has been the victim of a targeted ransomware attack.  The ransomware is being delivered through a student survey specifically designed for J. Sterling Morton high school students.  As seen below, the survey is poorly designed, but students […]



Ransomware Attacks Tennessee City Offices

Ransomware Strikes Spring Hill, Tennessee The City of Spring Hill was hit with an unknown ransomware variant last Friday.  After encrypting the city’s files, the hackers demanded $250,000 to restore the systems.  City officials reported they contacted the appropriate law enforcement and chose not to pay the ransom.  Instead they are going to restore the […]



New Bill Proposed to Address Cyber Threats in Medical Industry

In 2017, there have been over 20 medical facilities that were infected with ransomware.  It remains uncertain how many of these facilities paid the ransom demands; however, each and every one of them reported issues with patient care due to the ransomware infection.  These issues range from the inability to access patient records, to turning […]



Ransomware Attacks Kansas Non-Profit

Hackers Breach Kansas Non-Profit Center, Locking Files for Ransom Cyber criminals were able to breach Kansas non-profit facility, East Central Kansas Area Agency on Aging of Ottawa, Kansas.  The hack occurred in September and took a full two months to fully investigate.  The hackers were able to execute a successful breach of the non-profit agency, which […]



Hackers Expose Student Data, Then Demand $30,000

Hackers Demand $30,000 or Else… Ransomware, or malicious software that locks data and demands a payment to unlock it, isn’t something uncommon.  Unfortunately, ransomware has become one of today’s largest cyber security threats.  Therefore, it should come as no surprise that yet another ransomware attack has hit Canadian college, University of Fraser Valley.  Although, these […]



96% of Employees and Businesses Paid Ransom Demands

Majority of Employees Personally Pay Ransom Demands In a survey completed by Intermedia, it was found that a vast majority of employees paid up after being hit with ransomware.  Ransomware is malicious software that infiltrates devices, servers, and networks and encrypts data.  After encryption a ransom note will be displayed, stating in order to […]



Latest Ransomware, Bad Rabbit, Takes the World by Storm

Third Global Ransomware Attack of 2017 First, there was WannaCry, which hit the globe in mid-May.  Second, came NotPetya in June.  Third, was the latest global ransomware attack, Bad Rabbit.  This ransomware variant is believed to originate in Russia.  However, it quickly spread throughout Ukraine, targeting various transportation systems.  Avast also reported infections in Poland, […]



Ransomware Demand Increases 2500%

Ransomware Sales Exploding on the Dark Web According to International Business Times (IBT), a new study was released confirming a significant rise in demand for the malicious software, ransomware.  The study showed 6,300 websites offering ransomware, with an additional 45,000 ads promoting the malicious software.  The price points ranged from $0.50 to $3,000.  The large […]



NY Hospital Dumps $10M to Rebuild Systems After Ransomware Attack

Ransomware completely took over Erie County Medical Center’s (ECMC) computer systems in April.  The malware completely corrupted the systems, and the hackers demanded $30,000 in ransom if they wanted the systems restored.  Instead, the medical facility spent approximately $10 million to rebuild its systems.  Roughly half of those funds were the cost of hardware, software, and […]



Ransomware Attacks Denver Metro Area

City’s Internal Systems Taken Offline After Cyber Attack The City of Englewood, a metropolitan area of the Denver-Aurora Colorado area, was hit with ransomware on October 3rd.  Once officials determined the systems had been compromised, they were taken offline in an attempt to prevent the ransomware from spreading.  The infection impacted all of the city’s […]



Locky Ransomware Returns as Ykcol

Locky Encrypts Files Leaving a .Ykcol Extension A new Locky variant has been released into the wild and upon initial review it led researchers to believe it was a new strain entirely, called Ykcol.  However, after additional review, experts have confirmed Ykcol is another version of Locky. The email subject line has been confirmed […]



128K Patients Potentially Impacted After Ransomware Hit

Arkansas Medical Facility Faces Potential Breach After Ransomware Attack An estimated 128,000 patient files may have been compromised as a result of being the victim of a ransomware hit.  In July, the Arkansas Oral Facial Surgery Center in Fayetteville was struck with ransomware.  Although the malicious attack was identified promptly, there were still patient files, x-ray […]



Hackers Demand $19K After Infecting California School District

San Ysidro School District Suffers Ransomware Attack On September 16th, San Ysidro School District of California was hit with a ransomware attack.  The ransomware impacted emails from August through the middle of September, as well as select computer files.  After encryption, an automated message was sent to the district demanding $19,000 to restore the emails […]



$301M Paid in Ransoms by SMBs in One Year

SMBs Continue to be Hackers’ Target A recent study, State of the Channel Ransomware Report, collected data on over 100,000 small and medium-sized businesses (SMBs) regarding the cyber threat, ransomware.  The information collected was based on data from the second quarter of 2016 through the second quarter of 2017.  It was found that fewer SMBs were […]



Montgomery County Alabama Suffers Massive Ransomware Attack

County Offices Not Functioning After Ransomware Crippled Systems Montgomery County of Alabama has been the latest ransomware attack victim.  The ransomware variant that wormed its way into the county’s systems has not been reported, nor has the ransom demand.  However, government officials stated they are doing everything in their power to restore the county’s systems […]



Top 5 Tips to Combat Ransomware

Top Tips to Keep Your Data Secure Recently Beta News published an article, “The practical guide to fighting ransomware.”  The article listed several tips, timelines for implementation, and explanations why the tips were important.  A vast majority of the information throughout the article was correct and indisputably great advice.  However, a few tips […]



Ransomware Attack Leaves Kansas County Government Without Computer Access

Hackers Target Butler County for Ransomware Attack Over the weekend the Butler County office, located in El Dorado, Kansas, was hit with a ransomware attack.  The variant has not been disclosed, nor has the ransom demand.  Although the county offices remain open, their computers remain inaccessible due to their systems being encrypted with ransomware.  Butler County […]



Companies Acknowledge The Risk of Ransomware in Their SEC Filings

Companies Aware of Ransomware Threats Many larger companies are aware of the cyber threats their organizations are facing on a daily basis.  To be sure the public is also aware of these threats, these companies have chosen to include cyber security disclosures as part of their SEC filings.  According to the Data Protection Report, the […]



Tennessee Inmates Get New Visitation Rights After Ransomware Took Down Video Visitation

Rutherford County Inmates Get New Visitation Rights The Rutherford County Sheriff’s Office, located in Murfreesboro, Tennessee, has been experiencing issues with their visitation capabilities after ransomware corrupted the video visitation systems.  The sheriff’s office has limited ability to remediate the issue, as the video systems are provided by VizVox.  The Daily News Journal has attempted […]



Ransomware Attack on Delaware Clinic Leaves 19K Patients’ Data Compromised

Delaware Clinic Falls Victim to Ransomware, Leaving Thousands of Patients Potentially Exposed Medical Oncology Hematology Consultants, a medical clinic located in Newark, Delaware was hit with ransomware.  In June, the malicious software riddled the clinic’s servers, leaving over 19,000 patient files potentially exposed.  The patient data compromised includes names, phone numbers, birth dates, as well […]



Ransomware Impacts Massachusetts Public Television for 6 Months

Boylston Massachusetts Public Television Suffers for Five Months After Ransomware Hit As of today, the Boylston public television channels and guides are back to normal.  In March, the station was hit with an unknown ransomware variant.  The ransom demand was not disclosed; however, it appears the demands were not met.  Six months after the attack, […]



South Carolina School District Pays Hackers to Retrieve Data

Hackers Make $2,900 From South Carolina School District Dorchester School District Two, of South Carolina, was hit with ransomware over the summer.  The attack was found when the district discovered over half of its data was inaccessible.  After further investigation, they found 25 servers riddled with an undisclosed ransomware variant.  The school district was unable […]



IRS Issues Ransomware Warning After Malicious Tax Email is Distributed

IRS Releases a Ransomware Warning to All Taxpayers The IRS has issued a new ransomware warning to all taxpayers.  Cyber criminals have begun sending out malicious email campaigns with a “message” from the IRS and FBI.  According to the email, tax payers must download a questionnaire regarding changes to the laws regarding tax compliance.  However, […]



70K Patient Files Exposed After Ransomware Hit Kansas Medical Facility

Ransomware Attack Leaves Thousands of Patient Files Exposed The Salina Family Healthcare Center, located in Salina, Kansas was hit with ransomware in June of 2017.   The ransom demands were not met.  Instead, the infected servers and endpoints were taken offline until they could be scrubbed and backups could be installed.  Now, two months after […]



Ransomware Leads to Over 33K Patient Files Being Leaked

Ransomware Went Undetected for a Month — Exposing Thousands of Patient Files St. Mark’s Surgical Center, located in Fort Myers, Florida was the victim of a ransomware attack in April.  However, the attack was not discovered until May, when the medical facility conducted a forensic investigation.  The event that triggered the investigation is not being […]



Ransomware Attack Creates Breach Concerns for LA Medical Center

LA Medical Center Infected With Ransomware Pacific Alliance Medical Center, located in Los Angeles, California, suffered a ransomware attack in mid-June of 2017.  Because of this attack, concerns of a data breach have arisen.  With the hackers having access to the medical center’s systems, it is possible they had visibility to patient files […]



Script Engines Being Used to Distribute New Strain of Spora Ransomware

We’ve recently been covering scripting attacks in more detail on the Malware Research blog. These types of attacks have the ability to be completely fileless, as explained in a previous post. However, scripts also sometimes do come in files or accompany file-based malware. The new strain of Spora malware does just this. It uses a […]



Cerber Ransomware Expands Its Corruption Power

Cerber is now draining bitcoin wallets, on top of encrypting files Cerber, a ransomware variant that has been notorious for making alterations to its malware to worsen the impact, has done it again.  Now the ransomware variant is targeting bitcoin wallets.  Once infected with Cerber, the malware will search the user’s device for different files […]



Ransomware Attack Creates Breach Concern for SD Medical Facility

Aftermath of South Dakota Medical Facility Ransomware Attack In February of 2017,  Plastic Surgery Associates of South Dakota was hit with a ransomware attack.  The malware left medical records encrypted, completely unavailable to staff.  The medical facility reached out to third-party investigators for assistance.  However, in April, all evidence was lost.  Therefore, it is unclear […]



300K Pennsylvania Patient Files Breached After Ransomware Hit

Pennsylvania Ransomware Attack Leads to Significant Breach An unknown ransomware variant hit the Women’s Health Group, located in Pennsylvania.  The ransomware hit impacted 45 offices.  However, officials reported the encrypted data was restored through the backup system. The ransomware attack also led to a significant security breach, impacting approximately 300,000 patient files.  The information breached […]



And You Thought WannaCry and NotPetya Were Bad…

Money Wasn’t Their End-Game… Combined, WannaCry and NotPetya, the two global attacks that hit the world in the last 90 days, received payouts of approximately $150,000 USD.  To some it may sound like a lot – but to cyber criminals, that’s nothing.  WannaCry and NotPetya were not in corrupting company data with the end goal […]



Ransomware Investigation Discovered Bigger Issues

Breach discovered during ransomware investigation… The Peachtree Neurological Clinic, located in Atlanta, Georgia was hit with ransomware.  The clinic is not disclosing when the attack took place.  However, they did report not paying the ransom demand and restoring the files internally.  Although, throughout the investigation and remediation process, the medical facility learned of a security breach. […]



Largest San Francisco Radio Station Still Struggling After Ransomware Hit

Impact Still Felt, A Month After Ransomware Attack KQED, the largest radio station in San Francisco is still struggling to get back to day-to-day operations after ransomware took down their computers in mid-June.  Tech Talk first reported the attack on June 17th, just two days after the ransomware hit.  The station’s streaming services were pushed […]



Three Michigan Medical Facilities Corrupted by Ransomware

Caro Medical Facilities Paralyzed by Ransomware Three medical facilities, all tied to the Caro Community Hospital were infected with ransomware on July 5, 2017.  According to WNEM, the Caro Community Hospital, Caro Medical Clinic and the Caro Quick Care were impacted by the ransomware that hit the Caro Community Hospital’s database.  Once aware of the attack, […]



Canadian Firm Pays $425K in Ransom Demands

Cyber Criminals Take Down Canadian Company Last weekend, an unnamed Canadian firm was hit with ransomware.  IT World Canada reported that the ransomware was able to infiltrate the system by worming its way through vulnerabilities found in the company’s Windows operating system.  The malicious software took down the company’s databases and wiped out all of their […]



LeakerLocker Ransomware Takes Different Approach

LeakerLocker Doesn’t Encrypt… The new ransomware, LeakerLocker, is taking a different approach to exploiting their victims.  Instead of targeting PCs, LeakerLocker focuses on smart phones.  Within the device, they then create an unauthorized copy of the user’s pictures, videos and browsing history.  They then threaten to share all of this information with every person in […]



Ransomware Strikes – Paralyzing Four Public Systems

Over the last three days, four different ransomware infections have been reported, each targeting public departments and organizations. WannaCry Takes Down Fire and Police Departments According to US News, two emergency systems in Tennessee were infected with ransomware.  The Murfreesboro Police and Fire Departments were hit, leaving their systems completely paralyzed.  It is unclear […]



Ohio Clinic Ransomware Infection Leads to Breach Concerns

Breach Concerns Raised After Ohio Clinic is Riddled with Ransomware The Ohio clinic, PVHS-ICM Employee Health and Wellness, located in Dublin, recently informed their patients of a ransomware attack that hit its servers in May of 2017.  The ransomware only infected one location.  Therefore, all other locations were not impacted.  The ransomware variant that attacked […]



Huntsville Clinic Notifies Patients of Ransomware Infection

Ransomware Infects Huntsville’s Cove Family and Sports Medicine Cove Family and Sports Medicine, located in Huntsville, Alabama, recently informed their patients of a ransomware attack that occurred in April of 2017.  The ransomware successfully infected the clinic’s systems, encrypting various files.  However, instead of paying the ransom demand, they were able to restore their own […]



Thomas Jefferson Monticello Attacked by Ransomware

Thomas Jefferson Monticello – Recent Ransomware Victim An unknown ransomware variant recently encrypted the computer and phone systems at the Thomas Jefferson Monticello, located in Charlottesville, Virginia.  The Federal News Radio reported tours are not being interrupted.  However, all electronic transactions have been ceased until the matter can be resolved.  Therefore, all electronic tourist payments […]



Petya Creators Reveal Themselves to Confirm Latest Attack Was Not Petya

Ransomware Creator Verifies, Latest Global Attack was not Petya This week, another global attack hit the world.  Initial reports claimed the attack was a version of the Petya ransomware.  However, after further investigation, it was determined the global attack was not Petya.  It wasn’t even ransomware.  The malware variant spread throughout the attack, deemed NotPetya, […]



Calallen Independent School District’s Security Program Failed The Test

Calallen School’s Network Infected With Ransomware On June 25, 2017, Calallen Independent School District found themselves in a heap of trouble.  Officials began noticing something was wrong with their email systems, and quickly learned ransomware had infiltrated their networks. The exact variant of ransomware that hit the school district is uncertain.  However, officials did report […]



The Next Global Cyber Weapon Has Been Released

WannaCry ransomware hit the globe just over 30 days ago.  It was predicted that another global ransomware attack would take place sooner or later.  However, who would’ve thought instead of ransomware, it would be complete cyber warfare? NotPetya Spreads Around the World Initial reports of NotPetya had researchers believing it was a variation of Petya, a […]
