Ransomware Recap – January
Welcome to our first Ransomware Recap! In this monthly series, we discuss a few of the biggest ransomware stories. Let’s jump in!
Travelex Hackers Demand $6 Million
On New Year’s Eve, hackers compromised Travelex’s infrastructure with Sodinokibi ransomware. The hack, which was undetected for 6 months prior, forced Travelex to shut down all operations across 30 countries.
Alleged information gathered by the hackers included credit card numbers and over 5GB of personal information. Travelex, on the other hand, claims that no customer data was compromised.
Currently, the Travelex website is still down, citing “We now have contained the virus and are working to restore our systems and resume normal operations as quickly as possible.”
FBI Warns US Companies About Maze Ransomware Attacks
In an ongoing warning to privately owned businesses over the U.S., the FBI cautioned organizations about a progression of attacks utilizing Maze ransomware.
The FBI described the recent attacks, stating the hacker would sometimes act as a government agency to steal data from the companies and encrypt it to further extort them. In another case, hackers using Maze threatened to release confidential files unless a ransom was paid.
These attacks started hitting American organizations in November of 2019 and show no signs of slowing down.
Source: Security Today
Hackers Steal $10.5 Million from Real Estate Software Company
RealPage, a real estate software company located in Dallas, was recently invaded when hackers obtained employee login credentials. The Hackers were able to access the company’s online financial accounts after an employee clicked on a phishing email.
According to NBC DFW, ” Hackers, possibly from Nigeria, stole $10.5 million from a Richardson real estate software company with the help of “money mules” — dozens of Americans who unwittingly accepted fraudulent money into their accounts, transferred it to those behind the scheme and, as the culprits instructed, kept a cut for themselves, according to court documents.”
Since the attack, more than $2.9 million of the stolen money has been seized by federal prosecutors.
Source: NBC News Dallas Fort Worth
New York Cities to Potentially Ban Ransomware Payments
On January 14, New York State senators Phil Boyle and Sue Serino issued a proposal to encourage municipalities to ban the use of taxpayer money to pay ransomware demands.
According to the bill, “A small investment in local government cybersecurity now, can help stop cyber-criminals from profiting on the backs of New York State taxpayers and protect important state and local government services from disruption… To incentivize these upgrades, the bill will prevent state and local governments from paying ransoms for ransomware attacks after January 1, 2022 by which time they should be able to sufficiently upgrade their cybersecurity systems.”
Two days later, Senator David Carlucci introduced a second bill with similar text, the only stipulation being that it omits the creation of a security fund.
Source: Threat Post