On-demand Webinar – World vs Cyber: Bridging the Gap to Mitigate Threats Learn More +

Ransomware Rewind

Weekly Update: 25 October 2022

Ransomware Rewind is a compilation of ransomware-related stories published over the past week.

Most Active Ransomware Operators

Volume of messages posted by operators during the last week.

Significant Campaigns & Incidents

Documents and discussion of significant ransomware campaigns, incidents, and associated actors.

Hive claims ransomware attack on Tata Power, begins leaking dataBleepingComputer.com – Oct 25 2022 08:49
Police investigating ransomware attack against MiTCONCalhoun Times – Oct 25 2022 06:41
Ransomware group claims attack on Wisconsin school districtThe Record by Recorded Future – Oct 24 2022 20:43
Cuba ransomware affiliate targets Ukrainian govt agenciesBleepingComputer.com – Oct 24 2022 15:51
Pendragon hit with a record ransom demandCyberNews – Oct 24 2022 07:51
Cyber attack on Massy Group – Tech expert: TT at mercy of cyber criminalsTrinidad and Tobago’s Newsday – Oct 22 2022 05:39
Hacking of Senegal’s telecom regulator a novelty – expertAgence Africaine de Presse – Oct 20 2022 18:32
British Company Kingfisher Insurance Confirms LockBit AttackHeimdal Security Blog – Oct 19 2022 13:20

Tactics & Techniques

Discussion and mentions of significant techniques deployed by threat actors.

Rapidly Evolving Magniber RansomwareASEC Blog AhnLab English – Oct 25 2022 00:43
Hackers exploit critical VMware flaw to drop ransomware, minersBleepingComputer.com – Oct 21 2022 16:57

Researcher Analysis

Analysis, deep-dives and reverse engineering.

TommyLeaks and SchoolBoys: Two sides of the same ransomware gangBleepingComputer.com – Oct 22 2022 15:12
Black Basta and the Unnoticed DeliveryCheck Point Research – Oct 20 2022 09:57
REvil and Conti Ransomware Spinoffs Refine Attack StrategiesBankInfoSecurity – Oct 19 2022 18:09
Ransomware attacks continue to rise globallyThe Straits Times All News – Oct 19 2022 11:05
Deadbolt Ransomware Extorts Vendors and CustomersInfosecurity Today – Oct 19 2022 09:07
Defenders beware: A case for post-ransomware investigationsMicrosoft Security Blog – Oct 18 2022 18:00

Legal Actions and Discussion

Actions, consequences, and policy discussion by governments and organisations.

#StopRansomware: Daixin TeamCISA Current Activity – Oct 21 2022 19:40
Ransomware is Being Used As a Precursor to Physical War: IvantiInfosecurity Today – Oct 20 2022 17:07
Research Reveals Gaps in Ransomware DefenseITPro Today – Oct 19 2022 06:25

The content in this report was compiled by the use of our award-winning intelligence product Silobreaker Online. Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of any content in this report and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content in the report.