A cybercrime unit formed by a police agency operating in Europe recently succeeded in catching cyber criminals who, sources say, were trying to spread ransomware to hospitals in the name of COVID-19 testing.
According to a statement issued by the Romanian Directorate for Investigating Organized Crime and Terrorism (DIICOT), the four-man hacker group dubbed “PentaGuard” became highly active from March 2020. The group came onto the surveillance radar of the Romanian cybercrime unit that was formed last year to curb cybercrime.
Recently, the Bucharest Cybercrime Unit succeeded in nabbing the PentaGuard group members, who possessed remote access Trojans, source code of file-encrypting malware, and SQL injection tools to launch cyberattacks on the public and private sectors. They aimed to steal data, deface websites, and encrypt key systems in exchange for a ransom.
“They were planning to launch ransomware attacks on healthcare organizations researching COVID-19 medicine operating in Romania. Furthermore, the group of criminals also amassed all tools to launch email phishing attacks on government facilities that were storing and managing coronavirus-related data,” says a DIICOT update.
Three of the gang members were caught in three different houses located in Romania, and one from Moldova.
In the past two months, cyber crooks have been constantly monitoring the internet for companies and universities working to bring out a coronavirus-related medicine or vaccine as soon as possible. Many cyber gangs, like the Maze ransomware group, are seen consistently targeting research institutions via digital attacks. Their motive is either to demand a huge sum to free the database from ransomware or to sell the stolen data for a handsome amount on the dark web.
Note 1 – In May ’20, Interpol issued a purple notice to all its 194 member countries that a major cyber threat is lurking over hospitals and front-line organizations dealing with the novel COVID-19.
Note 2 – Reiterating the same, Microsoft issued a public statement in June ’20 that hackers would employ techniques such as exploiting VPN or remote access vulnerabilities to gain access to private or public IT infrastructure.