HACKS OF TODAY 04/05/2023
Today’s HOT includes 24 ransomware victims by the notorious BlackCat/ALPHV, AvosLocker, Cl0p, LockBit 3.0, Qilin, Play, BlackBasta, Medusa, Cuba, Monti and Royal gangs.
The average Cyber Risk Factor of the day is 3.7.
Read below the full list.
Disclaimer:
Data are collected from public info published on Dark Web.
The Cyber Risk factor is calculated on cyber attacks’ impact based on available data.
It shows the severity of an event: 1 = low, 5 = critical.
ASL 1 – AVEZZANO SULMONA L’AQUILA
Victim website: | asl1abruzzo.it |
Victim country: | Italy |
Attacker name: | Monti |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 522 GB (Multiple vulnerabilities allowed the download of data) |
Exfiltrated data type: | Data on HIV-positive patients |
Leaked data: | Sample with proof of the exfiltrated data. |
Ransom deadline: | N/A |
Cyber Risk Factor: | 5 |
ALBERT ZIEGLER
Victim website: | ziegler.de |
Victim country: | Germany |
Attacker name: | BlackCat/ALPHV |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | Large amount of data (Multiple vulnerabilities have been exploited) |
Exfiltrated data type: | Engineering information, confidential customer and partner data, correspondence with military organizations etc. |
Leaked data: | Sample with proof of the exfiltrated data. (Personal and financial information of customers and partners is sold on the black market) |
Ransom deadline: | N/A |
Cyber Risk Factor: | 5 |
BLUEFIELD COLLEGE
Victim website: | bluefield.edu |
Victim country: | USA |
Attacker name: | AvosLocker |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 1,2 TB |
Exfiltrated data type: | Miscellaneous documents, including photos and employees’ and students’ information |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 5 |
SOUTHERN WEST VIRGINIA COMMUNITY AND TECHNICAL COLLEGE
Victim website: | southernwv.edu |
Victim country: | USA |
Attacker name: | Royal |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 14,5 GB |
Exfiltrated data type: | Personal information of students and personnel (hundreds of SSNs, medical information, etc.), confidential documents, NDAs and many others. |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
LUX AUTOMATION
Victim website: | lux-automation.com |
Victim country: | Germany |
Attacker name: | Monti |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 366 GB |
Exfiltrated data type: | Company data |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
BANCO COMERCIAL DO HUAMBO
Victim website: | bch.co.ao |
Victim country: | Angola |
Attacker name: | BlackCat/ALPHV |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | Large amount of data |
Exfiltrated data type: | Swift data, Financial info about partners and customers, Credit card data, Personal customer information, etc. |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | 07th May 23 |
Cyber Risk Factor: | 4 |
COMMUNE DE SAXON
Victim website: | saxon.ch |
Victim country: | Switzerland |
Attacker name: | Play |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Students’ personal information, private information, financial documents |
Leaked data: | / |
Ransom deadline: | 11th May 23 |
Cyber Risk Factor: | 4 |
CITY OF LOWELL
Victim website: | lowellma.gov |
Victim country: | USA |
Attacker name: | Play |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Private and personal confidential data, passports, IDs, finance, payroll, department documents, budget, etc. |
Leaked data: | / |
Ransom deadline: | 11th May 23 |
Cyber Risk Factor: | 4 |
MIDWEST TRUCK
Victim website: | midwesttruck.com |
Victim country: | USA |
Attacker name: | Royal |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Corporate data with all the personal (drivers licenses, addresses, phones, passports, SSNs) and business (financial docs, bank statements, incident, contract) information |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
THE CROWN PRINCESS MARY CANCER CENTRE
Victim website: | sydneywestcancer.org |
Victim country: | Australia |
Attacker name: | Medusa |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | $ 100,000 |
Exfiltrated data amount: | Large amount of data |
Exfiltrated data type: | Miscellaneous documents |
Leaked data: | Sample with proof of the exfiltrated documents |
Ransom deadline: | 12th May 23 |
Cyber Risk Factor: | 4 |
ID TECH
Victim website: | idtechproducts.com |
Victim country: | USA |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Miscellaneous, including employee information, technical documents, correspondence, etc. |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
GIHEALTHCARE
Victim website: | gihealthcare.com |
Victim country: | USA |
Attacker name: | Cuba |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Large amount of data |
Leaked data: | 100% of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
FOREST RIDGE
Victim website: | forestridge.com |
Victim country: | USA |
Attacker name: | BlackBasta |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | 100% of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
CARRINGTON GROUP
Victim website: | carrington.ca |
Victim country: | United Kingdom |
Attacker name: | BlackBasta |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | 100% of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
ZBW NEWS
Victim website: | zbw.eu |
Victim country: | Germany |
Attacker name: | Royal |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Employees and customers, contracts, NDAs and even Ukraine conflict predictions and reviews. |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 3 |
TRIAFLEX
Victim website: | triaflex.at |
Victim country: | Austria |
Attacker name: | LockBit 3.0 |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | Large amount of data |
Exfiltrated data type: | Miscellaneous including financial documents |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | 17th May 23 |
Cyber Risk Factor: | 3 |
NEGMA BUSINESS SOLUTIONS
Victim website: | negma.net |
Victim country: | USA |
Attacker name: | Play |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Private and personal confidential data, finance, taxes, passports, employee and clients documents |
Leaked data: | / |
Ransom deadline: | 11th May 23 |
Cyber Risk Factor: | 3 |
VOCALCOM
Victim website: | vocalcom.com |
Victim country: | France |
Attacker name: | Play |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Private and personal confidential data, finance, passports, client data, technical information, etc. |
Leaked data: | / |
Ransom deadline: | 11th May 23 |
Cyber Risk Factor: | 3 |
WOONKRACHT10
Victim website: | woonkracht10.nl |
Victim country: | Netherlands |
Attacker name: | Play |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Private and personal confidential data, finance, passports, contracts, HR, etc. |
Leaked data: | / |
Ransom deadline: | 06th May 23 |
Cyber Risk Factor: | 3 |
GROPPER & NEJAT
Victim website: | groppernejat.com |
Victim country: | USA |
Attacker name: | Qilin |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 12,21 |
Exfiltrated data type: | Miscellaneous documents |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 3 |
SIVSA
Victim website: | coremain.com |
Victim country: | Spain |
Attacker name: | Play |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Private and personal confidential data, employee and client information |
Leaked data: | / |
Ransom deadline: | 11th May 23 |
Cyber Risk Factor: | 3 |
NOVA GROUP
Victim website: | novagroup.com.au |
Victim country: | Australia |
Attacker name: | Play |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Private and personal confidential data, passports, employee information, technical documentation |
Leaked data: | / |
Ransom deadline: | 11th May 23 |
Cyber Risk Factor: | 3 |
DGC
Victim website: | dgc.se |
Victim country: | Sweden |
Attacker name: | Play |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Private and personal confidential data, finance, taxes, clients and employee information |
Leaked data: | / |
Ransom deadline: | 11th May 23 |
Cyber Risk Factor: | 3 |
LIBRA VIRTUA
Victim website: | libravirtua.hu |
Victim country: | Hungary |
Attacker name: | Play |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Private and personal confidential data, finance, HR, contracts, databases, client documents and files |
Leaked data: | / |
Ransom deadline: | 11th May 23 |
Cyber Risk Factor: | 3 |
Stay safe!
Hackmanac Team