Tag Archive for: Service

Thousands of Asus routers taken over by malware to form new proxy service

/in


Thousands of old, outdated Asus routers are being targeted by a new version of “TheMoon” malware botnet, turning them into a network of devices used by a criminal residential proxy service.

Researchers from Black Lotus Labs claim the campaign started in early March 2024 and within 72 hours, compromised roughly 6,000 Asus routers. 

Source…

ALPHV/Blackcat Ransomware as a Service

/in


NAME: ALPHV/Blackcat Ransomware as a Service (RaaS)
NATIONALITY: Various (Unknown)
CITIZENSHIP: Various (Unknown)

The U.S. Department of State is offering a reward of up to $10,000,000 for information leading to the identification or location of any individual(s) who hold a key leadership position in the Transnational Organized Crime group behind the ALPHV/Blackcat ransomware variant.  In addition, a reward offer of up to $5,000,000 is offered for information leading to the arrest and/or conviction in any country of any individual conspiring to participate in or attempting to participate in ALPHV/Blackcat ransomware activities.

On December 19, 2023, the Department of Justice (DOJ) and the FBI announcement of cooperation with an international group of law enforcement agencies from the United Kingdom, Australia, Germany, Spain, and Denmark, to conduct a disruption campaign against the notorious ransomware gang ALPHV/Blackcat.  FBI identified ALPHV/Blackcat actors as having compromised over 1,000 victim entities in the United States and elsewhere, including prominent government entities (e.g., municipal governments, defense contractors, and critical infrastructure organizations). To date, the FBI has worked with dozens of victims in the United States and internationally to disseminate a decryption tool to restore victim systems and prevent ransom demand payments of approximately $99 million.

Ransomware is a type of malicious software, or malware, that prevents a user from accessing computer files, systems, or networks until a ransom is paid for their return.  Ransomware incidents can cause costly disruptions to operations and the loss of critical information and data.

The FBI does not support the payment of a ransom in response to a ransomware attack.  Paying ransom demands encourages more ransomware incidents and provides an incentive to become involved in this type of illegal activity.  If you are the victim of a ransomware incident, please visit stopransomware.gov.

Please direct information in response to the reward offer through the following Tor-based tip line (Tor browser required):
he5dybnt7sr6cm32xt77pazmtm65flqy6irivtflruqfc5ep7eiodiad.onion.  If you are…

Source…

20+ hospitals in Romania hit hard by ransomware attack on IT service provider • Graham Cluley

/in


20+ hospitals in Romania hit hard by ransomware attack on IT service provider20+ hospitals in Romania hit hard by ransomware attack on IT service provider

Over 20 hospitals in Bucharest have reportedly been impacted by a ransomware attack after cybercriminals targeted an IT service provider. As a consequence medical staff have been forced to use pen-and-paper rather than computer systems.

Romania’s National Cybersecurity Directorate (DNSC) said in a statement that the attackers encrypted hospital data using the Backmydata ransomware – a variant of Phobos.

The DNSC advises not to contact the IT teams at affected hospitals “so they can focus on restoring IT services and data! This is the priority at the moment.”

Sign up to our free newsletter.
Security news, advice, and tips.

The affected hospitals all used the Hipocrate IT platform, developed by Romanian software company RSC to manage patients’ data and track their progress from initial admission to discharge.

Affected hospitals include:

  • Azuga Orthopaedics and Traumatology Hospital
  • Băicoi City Hospital
  • Buzău County Emergency Hospital
  • C.F. Clinical Hospital no. 2 Bucharest
  • Colțea Clinical Hospital
  • Emergency County Hospital “Dr. Constantin Opriș” Baia Mare
  • Emergency Hospital for Plastic, Reconstructive and Burn Surgery Bucharest
  • Fundeni Clinical Institute
  • Hospital for Chronic Diseases Sf. Luca
  • Institute of Cardiovascular Diseases Timișoara
  • Medgidia Municipal Hospital
  • Medical Centre MALP SRL Moinești
  • Military Emergency Hospital “Dr. Alexandru Gafencu” Constanta
  • Oncological Institute “Prof. Dr. Al. Trestioreanu” Institute Bucharest (IOB)
  • Pitești Emergency County Hospital
  • Regional Institute of Oncology Iasi (IRO Iasi)
  • Sighetu Marmației Municipal Hospital
  • Slobozia County Emergency Hospital
  • St. Apostol Andrei Emergency County Hospital Constanta
  • Târgoviște County Emergency Hospital

The DNSC reports that 79 more hospitals using Hipocrate have disconnected from the internet in the wake of the attack. The attack was first spotted on Saturday, February 10 at the Pitești Paediatric Hospital.

According to the DNSC, most affected hospitals have backups of the data encrypted by the ransomware, which should aid recovery. But in at least one case, the most recent backup was saved 12 days ago.

Hat-tip: Thanks to reader Gheorghe for his assistance with this…

Source…

Minister says verdict almost ready, advises racketeers to exit service

/in


The Coordinating Minister of Health and Social Welfare, Muhammad Pate, has, for the umpteenth time, reacted to the lingering crisis at the Obafemi Awolowo University Teaching Hospital (OAUTH) over the alleged job racketeering which has led to the nonpayment of some workers for almost a year.

Mr Pate, in a statement shared on the X handle of the Federal Ministry of Health and Social Welfare, explained reasons for the delayed action on the matter, saying the ministry is working out the possibilities of addressing the issue.

Earlier in November 2023, PREMIUM TIMES reported that the ministry issued a statement signed by its Director of Press, Patricia Deworitshe, confirming the indictment of some officials of the hospital including a former Acting Chief Medical Director, Afolabi Owojuyigbe, of engaging in job racketeering.

The ministry said an investigative panel led by Aderemi Azeez found that Mr Owojuyigbe carried out over-employment in the hospital, without provision in the personnel budget.

FIRS

According to the statement, the panel disclosed that Mr Owojuyigbe, a Consultant anaesthetist, employed over 1,973 staff as against the waiver for 450 vacancies granted to the hospital by the federal government in the 2022 employment process.

Mr Owojuyigbe and “his accomplices” are therefore culpable of job racketeering, according to the panel.

Workers murmur

Meanwhile, as a result of the development many of the employed workers have not received their salaries for about a year since their employment. However, the government is insisting that the employment is illegal and that the government has no money to pay the “illegal” employees.

However, the affected workers have taken to social media to accuse the government of subjecting them to penury.

They said the ministry is deliberately delaying the process to frustrate them out of the job.

Minister responds

The minister has, however, said the ministry is still working to resolve the issue, saying many of those illegally engaged are non-clinical workers “and there is no money in the hospital to pay for them.”

In a statement shared Monday on X, Mr Pate alleged that many of the job seekers and their sponsors influence…

Source…