It’s been a relatively quiet week when it comes to ransomware news, with the BlackCat ransomware gang extorting Reddit and the ongoing MOVEit Transfer data breaches being the main focus.
This week the BlackCat gang claims to be behind Reddit data theft attack which the company previously disclosed in February 2023.
In February, Reddit announced that it suffered a breach where threat actors gained access to some of its systems and were able to steal source code and a limited amount of advertiser data.
However, in an update on data leak site BlackCat, the threat actors claim they stole 80GB of compressed data during the attack and are now planning to release the data after saying Reddit ignored a request for $4.5 million ransom.
Although no encryption was used in this attack, it should be noted that the extortion group is a known ransomware operation.
Currently, no Reddit data has been leaked by the extortion gang. However, they said, “We expect to release the data.”
Regarding MOVEit data breaches, the situation has worsened with the The US government issues a reward of up to $10 million for information on the Clop ransomware operation linked to a foreign government after it was revealed that they breached numerous federal agencies.
However, the Clop gang continue to say they don’t care about politics and are only in it for the money, claiming to delete all government data and continuing to name new organizations affected by hacks.
On the other hand, affected organizations continue to come forward, revealing that they were hacked and what information was stolen.
Today, three companies revealed that they had been affected by a MOVEit breach at their provider PBI Research Services (PBI), where the attackers stole the data of 4.75 million people.
As expected, this massive breach led to a Class Action Against Progress Softwarethe developers of MOVEit Transfer.
Finally, Sophos released the First episode of ‘Do you think you know Ransomware?’ docuseries on YouTube
Contributors and those who provided new ransomware information and stories this week include: @demonslay335, @BleepinComputer, @fwosar, @serghei, @billtoulas, @Seifreed, @malwhunterteam, @Ionut_Ilascu, @LawrenceAbrams, @NCCGroupplc, @NCSC, @pcrisk, @vxunderground, @AlvieriDAnd @BrettCallow.
June 17, 2023
The US State Department’s Rewards for Justice program yesterday announced up to $10 million in rewards for information linking the Clop ransomware attacks to a foreign government.
June 18, 2023
The BlackCat (ALPHV) ransomware gang is behind a February cyberattack on Reddit, where threat actors claim to have stolen 80GB of data from the company.
June 19, 2023
Des Moines Public Schools, the largest school district in Iowa, today confirmed that a ransomware attack was behind an incident that caused it to take all networked systems offline on January 9, 2023.
June 20, 2023
Risk found new STOP ransomware variants that add the .bhtw And .bhui expansions.
June 21, 2023
New analysis from NCC Group’s Global Threat Intelligence team has revealed that ransomware attacks are on the rise, with 436 victims in May. The new figures represent a 24% increase from April’s figure of 352 and a 56% increase from May 2022.
Sophos has released the first episode of their ‘Think You Know Ransomware?’ docuseries on YouTube.
PCrisk has found a new STOP ransomware variant that adds the .bhgr extension.
June 22, 2023
Progress Software, the creator of MOVEit cloud hosting and file transfer services, is the subject of a class action lawsuit relating to cyberattacks resulting from a software vulnerability.
An updated report from the NCSC explaining how UK law firms – of all sizes – can protect themselves against common cyber threats.
June 23, 2023
PBI Research Services (PBI) has suffered a data breach with three clients revealing that the data of 4.75 million people was stolen in the recent MOVEit Transfer data theft attacks.