Recent Ransomware Attacks:
- A new crypto-ransomware campaign for macOS distributed via BitTorrent sites called “Patcher” has appeared. While not highly sophisticated, it’s effective enough to prevent victims from accessing their files, and could cause serious damage.
- Users of Google Chrome should be on high alert for a new ransomware attack that leads them to believe their browser is missing a vital component, its font. Victims who try to install the font are hit with a “dropper” that delivers the highly-sophisticated Spora ransomware.
- Bingham County, Idaho, was hit with a large-scale ransomware attack that took down servers on February 15, impacting the county’s website, emergency 9-1-1 calls, and dispatch center. Attackers demanded a $25,000 payment, but the county did not pay the ransom; they instead rebuilt their computer infrastructure to prevent future attacks.
- The Roxana, Illinois, police department is recovering from a ransomware attack that left their computers out of commission for four days, worrying residents. The police did not pay the ransom and the FBI is now investigating the incident.
- The third largest county in Ohio was affected by a ransomware attack that completely shutting down computers in Licking County government offices and its police department. Despite the ability to avoid these types of attacks with good backup practices, they are becoming more common as the public sector continues to be a hot target.
- Storage devices containing data from police surveillance cameras out of Washington, D.C., were compromised with two different forms of ransomware, prompting a citywide sweep of the network. The police department did not pay a ransom, and instead took the affected cameras offline to remove the software.
- A ransomware attack on a luxury hotel in Austria was locked out of its computers for 24 hours, leaving workers unable to issue new key cards to guests and taking the reservation system offline. The hotel paid the ransom (in Bitcoins) and plans to revert back to “old, normal keys.”
- Police in Cockrell Hill, Texas, lost eight years of digital evidence due to a ransomware attack that was “introduced onto the network from a spam email that had come from a cloned email address imitating a department-issued email address.” Microsoft Office and video files dating back to 2009 were reportedly lost when the department decided to wipe the server instead of paying the $4,000 ransom. The department stated that it does still have hard copies of all documents and backups of videos and photos on CDs and DVDs.
- Computers at all 17 branches of the St. Louis Public Library were impacted due to a ransomware attack that carried a payment demand of $35,000. Managers did not pay the ransom; IT staff wiped affected servers and restored them from backups. Library staff members are working with the FBI to determine the origin of the infection.
Subscribe to the Proofpoint Blog