HACKS OF TODAY 26/09/2023
Today’s HOT includes 17 ransomware victims by the notorious Rhysida, Ransomed, ALPHV/BlackCat, Knight, 8Base, NoEscape and BianLian gangs.
The average Cyber Risk Factor is 4.1.
Read the full list below.
Disclaimer:
Data are collected from public information published on the Dark Web.
The Cyber Risk Factor is calculated from the impact of each cyber attack, based on available data.
It shows the severity of an event: 1 = low, 5 = critical.
KUWAIT MINISTRY OF FINANCE
Victim website: | mof.gov.kw |
Victim country: | Kuwait |
Attacker name: | Rhysida |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | $ 370,000 |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Miscellaneous including PII documents and financial data |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | 02nd Oct 23 |
Cyber Risk Factor: | 5 |
NTT DOCOMO
Victim website: | docomo.ne.jp |
Victim country: | Japan |
Attacker name: | Ransomed |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | $ 1,015,000 |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 5 |
SAINT MARK CATHOLIC CHURCH
Victim website: | stmarknc.org |
Victim country: | USA |
Attacker name: | BianLian |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 1.3 TB |
Exfiltrated data type: | Finance data, Students’ and their parents’ confidential data, Internal email correspondence, Employees personal data |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 5 |
PRESTIGE CARE
Victim website: | prestigecare.com |
Victim country: | USA |
Attacker name: | ALPHV/BlackCat |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 2 TB |
Exfiltrated data type: | Personal data, finance, HR, Sharepoint, marketing, etc. |
Leaked data: | 260 GB of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 5 |
NUSMILES HOSPITAL
Victim website: | nusmiles.com |
Victim country: | USA |
Attacker name: | Knight |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
WEBBER RESTAURANT GROUP
Victim website: | webberrestaurantgroup.com |
Victim country: | USA |
Attacker name: | 8Base |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Invoice, receipts, accounting documents, personal data, certificates, employment contracts, a huge amount of confidential information, confidentiality agreements, personal files |
Leaked data: | / |
Ransom deadline: | 03rd Oct 23 |
Cyber Risk Factor: | 4 |
ZZCOLDSTORES
Victim website: | zzcoldstores.com |
Victim country: | Netherlands |
Attacker name: | ALPHV/BlackCat |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 3 |
POND SECURITY
Victim website: | pond-security.com |
Victim country: | Germany |
Attacker name: | ALPHV/BlackCat |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | 28th Sep 23 |
Cyber Risk Factor: | 3 |
SUD TRADING COMPANY
Victim website: | stcpro.fr |
Victim country: | France |
Attacker name: | 8Base |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Invoice, receipts, accounting documents, personal data, certificates, employment contracts |
Leaked data: | / |
Ransom deadline: | 03rd Oct 23 |
Cyber Risk Factor: | 3 |
POWERHOUSE RETAIL SERVICES
Victim website: | powerhousenow.com |
Victim country: | USA |
Attacker name: | NoEscape |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 20 GB |
Exfiltrated data type: | Agreement and contracts, full project list and project, thousands of legal documents, banking, tax, budget and finance sector, confidential information about employee, customer, vendor and management, DL ID card etc, report and audit, payments, invoice, check, insurance, license, incident report, ATM circuit and blueprints, SVW docs and tens of thousands of other critical and sensitive company data |
Leaked data: | / |
Ransom deadline: | 30th Sep 23 |
Cyber Risk Factor: | 4 |
WATERLOO MEDIA
Victim website: | waterloomedia.com |
Victim country: | USA |
Attacker name: | NoEscape |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 50 GB |
Exfiltrated data type: | Agreements, personal data of employees and customers, hundreds of resumes, taxes, accounting, HR, sales, reports, engineering and tens of thousands of other documents |
Leaked data: | / |
Ransom deadline: | 06th Oct 23 |
Cyber Risk Factor: | 4 |
LUTHERAN CHURCH AND PRESCHOOL
Victim website: | lcoor.org |
Victim country: | USA |
Attacker name: | BianLian |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 200 GB |
Exfiltrated data type: | Finance data, HR data, Students’ personal data, SQL databases |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
KRAMER TREE SPECIALISTS
Victim website: | kramertree.com |
Victim country: | USA |
Attacker name: | BianLian |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 450 GB |
Exfiltrated data type: | Personal data employees, Customer information, Financial documents |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
ISTITUTO PROSPERIUS
Victim website: | prosperius.it |
Victim country: | Italy |
Attacker name: | Rhysida |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | $ 130,000 |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Miscellaneous including insurance documents |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | 03rd Oct 23 |
Cyber Risk Factor: | 4 |
BESTPACK PACKAGING
Victim website: | bestpack.com |
Victim country: | USA |
Attacker name: | ALPHV/BlackCat |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 22 GB |
Exfiltrated data type: | HR documents, engineering, finance, etc. |
Leaked data: | 100% of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
WOODY ANDERSON FORD
Victim website: | woodyandersonford.com |
Victim country: | USA |
Attacker name: | ALPHV/BlackCat |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 0.6 GB |
Exfiltrated data type: | DC-DUMP, DNS, passwords, webscan, other IT |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
NORDIC SECURITY SERVICES
Victim website: | nordicsec.com |
Victim country: | USA |
Attacker name: | ALPHV/BlackCat |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | Data has been sold |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
Stay safe!
Hackmanac Team