It was a relatively quiet week regarding ransomware news, with the BlackCat ransomware gang extorting Reddit and the ongoing MOVEit Transfer data breaches being the main focus.
This week the BlackCat gang claimed to be behind a Reddit data-theft attack that the company previously disclosed in February 2023.
In February, Reddit announced that it suffered a breach where threat actors gained access to some of its systems and could steal source code and a limited amount of advertiser data.
However, in an update on the BlackCat data leak site, the threat actors claim they stole 80 GB of compressed data during the attack and now plan on leaking the data after they say Reddit ignored a $4.5 million ransom demand.
While no encryption was utilized in this attack, it is noteworthy as the extortion group is a known ransomware operation.
Currently, no Reddit data has been leaked by the extortion gang. However, they stated, “We expect to leak the data.”
Regarding the MOVEit data breaches, the situation has escalated with the US government issuing an up to $10 million reward for information on the Clop ransomware operation being linked to a foreign government after it was revealed they breached numerous federal agencies.
However, the Clop gang continues to say they care nothing for politics and are only in it for the money, claiming to delete any government data and continuing to name new organizations impacted by the hacks.
On the flip side, impacted organizations continue to come forward, disclosing that they were breached and what information was stolen.
Today, three companies disclosed that they were impacted by a MOVEit breach at their provider PBI Research Services (PBI) disclosed, where the attackers stole the data of 4.75 million people.
As expected, this massive breach has led to a class action lawsuit against Progress Software, the developers of MOVEit Transfer.
Finally, Sophos has released the first episode of the ‘Think You Know Ransomware?’ docuseries on YouTube
Contributors and those who provided new ransomware information and stories this week include: @demonslay335, @BleepinComputer, @fwosar, @serghei, @billtoulas, @Seifreed, @malwrhunterteam, @Ionut_Ilascu, @LawrenceAbrams, @NCCGroupplc, @NCSC, @pcrisk, @vxunderground, @AlvieriD, and @BrettCallow.
June 17th 2023
US govt offers $10 million bounty for info on Clop ransomware
The U.S. State Department’s Rewards for Justice program announced up to a $10 million bounty yesterday for information linking the Clop ransomware attacks to a foreign government.
June 18th 2023
Reddit hackers threaten to leak data stolen in February breach
The BlackCat (ALPHV) ransomware gang is behind a February cyberattack on Reddit, where the threat actors claim to have stolen 80GB of data from the company.
June 19th 2023
Iowa’s largest school district confirms ransomware attack, data theft
Des Moines Public Schools, Iowa’s largest school district, confirmed today that a ransomware attack was behind an incident that forced it to take all networked systems offline on January 9, 2023.
June 20th 2023
New STOP ransomware variants
PCrisk found new STOP ransomware variants that append the .bhtw and .bhui extensions.
June 21st 2023
NCC Group Monthly Threat Pulse – May 2023
New analysis from NCC Group’s Global Threat Intelligence team has revealed that ransomware attacks are soaring, with 436 victims in May. The new figures represent a 24% surge compared to April’s figure of 352 and a 56% increase compared to May 2022.
Sophos releases ransomware docuseries
Sophos has released the first episiode of their ‘Think You Know Ransomware?’ docuseries on YouTube.
New STOP ransomware variant
PCrisk found a new STOP ransomware variant that appends the .bhgr extension.
June 22nd 2023
MOVEit Data Breach Attacks Prompt Class-Action Lawsuit Against Progress Software
Progress Software, the maker of MOVEit cloud hosting and file-transfer services, is facing a class-action lawsuit in connection with cyberattacks that resulted from a software vulnerability.
Cyber Threat Report: UK Legal Sector
An updated report from the NCSC explaining how UK law firms – of all sizes – can protect themselves from common cyber threats.
June 23rd 2023
MOVEIt breach impacts GenWorth, CalPERS as data for 3.2 million exposed
PBI Research Services (PBI) has suffered a data breach with three clients disclosing that the data for 4.75 million people was stolen in the recent MOVEit Transfer data-theft attacks.