ZooTampa, a renowned family attraction and winner of multiple TripAdvisor Travelers’ Choice Awards, has allegedly fallen victim to a cyber attack.
The Black Suit hacker group, known for its notorious activities, has listed ZooTampa as one of its targets in the latest attack.
Threat analyst Brett Callow shared a post on Twitter, accompanied by an image that appears to be associated with the hacker group’s claims of the cyber attack on ZooTampa.
The Cyber Express reached out to learn more about the alleged cyber attack on ZooTampa. However, as of now, the company has not provided an official response or statement regarding the incident.
Cyber attack on ZooTampa: Why are hackers targeting Zoos?
It is worth noting that the cyber attack on ZooTampa is not an isolated incident. In recent years, other zoos, such as the Louisville Zoo and the Detroit Zoo, have also faced cybersecurity breaches.
Last year, the Louisville Zoo experienced a similar breach where member and emails subscriber were compromised.
The zoo sent an email to its supporters, stating that the company responsible for email communications about programs and events had fallen victim to a ransomware attack.
According to Louisville Zoo, unauthorized parties acquired supporters’ personal information, including names, physical addresses, email addresses, membership numbers, and membership levels.
The service provider, WordFly, believes that the unauthorized party has since deleted the data.
While the zoo assured supporters that no sensitive personal information such as payment card details were stored with WordFly, they urged caution regarding phishing attempts and encouraged vigilance when receiving emails, text messages, or phone calls requesting personal information or containing suspicious links and attachments.
In a separate incident, the Detroit Zoo disclosed in 2015 that their gift shop checkout terminals were targeted by hackers.
The breach also affected seven other zoos across the country, all of which utilized the services of Service Systems Associates as their payment processing vendor. The compromised period was limited to March 23 through June 25 of that year.
Cyber attack on ZooTampa, and possible links to Royal ransomware
While the cyber attack on ZooTampa has not been verified by the company, BlackSuit has listed them as a victim.
BlackSuit has been active in the cyber attack industry for quite a while now and launched several cyber attacks on the IT systems in Dallas, Texas. Moreover, researchers on Twitter found that the threat actor has been targeting both Windows and Linux users.
Recently, a report analyzed the “Linux variant” of the BlackSuit strain. According to the researchers, the ransomware strain shares striking similarities with another popular ransomware family Royal.
Moreover, Trend Micro also did an analysis of the ransomware strain and found an “extremely high degree of similarity” between Royal and BlackSuit.
Using BinDiff, a powerful tool for binary file comparison, the researchers discovered that BlackSuit and Royal were almost indistinguishable.
Functions, blocks, and jumps exhibited striking similarities, with 98% similarity in functions, 99.5% similarity in blocks, and 98.9% similarity in jumps for the Linux variant.
Similarly, the Windows artifacts comparison revealed 93.2% similarity in functions, 99.3% in basic blocks, and 98.4% in jumps. These findings highlight the sophisticated nature of the Black Suit hacker group’s tactics and the level of expertise they possess.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.