Double-Extortion
Kraken ransomware benchmarks systems for optimal encryption choice
The Kraken ransomware, which targets Windows, Linux/VMware ESXi systems, is testing machines to check how fast it can encrypt data without overloading them. According to Cisco Talos researchers, Kraken’s feature is a rare capability that uses temporary files to choose between full and partial data encryption. The Kraken ransomware emerged at the begining of the […]
Ransomware profits drop as victims stop paying hackers
The number of victims paying ransomware threat actors has reached a new low, with just 23% of the breached companies giving in to attackers’ demands. With some exceptions, the decline in payment resolution rates continues the trend that Coveware has observed for the past six years. In the first quarter of 2024, the payment percentage was […]
SafePay ransomware threatens to leak 3.5TB of Ingram Micro data
The SafePay ransomware gang is threatening to leak 3.5TB of data belonging to IT giant Ingram Micro, allegedly stolen from the company’s compromised systems earlier this month. Ingram Micro is one of the world’s largest business-to-business service providers and technology distributors, offering a wide range of solutions to resellers and managed service providers worldwide, including […]
Interlock ransomware claims DaVita attack, leaks stolen data
The Interlock ransomware gang has claimed the cyberattack on DaVita kidney dialysis firm and leaked data allegedly stolen from the organization. DaVita is a Fortune 500 kidney care provider with more than 2,600 U.S. dialysis centers, 76,000 employees in 12 countries, and an annual revenue exceeding $12.8 billion. The healthcare company disclosed to the U.S. […]
Interlock ransomware gang pushes fake IT tools in ClickFix attacks
The Interlock ransomware gang now uses ClickFix attacks that impersonate IT tools to breach corporate networks and deploy file-encrypting malware on devices. ClickFix is a social engineering tactic where victims are tricked into executing dangerous PowerShell commands on their systems to supposedly fix an error or verify themselves, resulting in the installation of malware. Though this isn’t […]
Hunters International ransomware claims attack on Tata Technologies
The Hunters International ransomware gang has claimed responsibility for a January cyberattack attack on Tata Technologies, stating they stole 1.4TB of data from the company. Tata Technologies provides engineering and digital solutions for manufacturing industries worldwide. Founded in 1989 and based in Pune, it operates in 27 countries with over 12,500 employees, specializing in automotive, aerospace, […]
Qilin ransomware claims attack at Lee Enterprises, leaks stolen data
The Qilin ransomware gang has claimed responsibility for the attack at Lee Enterprises that disrupted operations on February 3, leaking samples of data they claim was stolen from the company. The threat actors have now threatened to leak all the allegedly stolen data on March 5, 2025, unless a ransom demand is paid. Lee Enterprises is […]
Sarcoma ransomware claims breach at giant PCB maker Unimicron
A relatively new ransomware operation named ‘Sarcoma’ has claimed responsibility for an attack against the Unimicron printed circuit boards (PCB) maker in Taiwan. The cybercriminals have published samples of files allegedly stolen from the company’s systems during the attack and threaten to leak everything next week if a ransom is not paid. In a new listing […]
Clop ransomware is now extorting 66 Cleo data-theft victims
The Clop ransomware gang started to extort victims of its Cleo data theft attacks and announced on its dark web portal that 66 companies have 48 hours to respond to the demands. The cybercriminals announced that they are contacting those companies directly to provide links to a secure chat channel for conducting ransom payment negotiations. They also provided […]