A new ransomware group dubbed RA Group has been making headlines for the past two weeks. The group is targeting organizations operating in the United States and South Korea. Currently, it appears that the attackers are primarily focusing on companies in the manufacturing, wealth management, insurance, and pharmaceutical sectors. They employ double extortion attacks and leak details through a newly developed website accessible only through the dark web.
Security researchers from Cisco Talos have discovered that the RA Group utilizes an encryptor previously seen in the source code of the Babuk Ransomware.
The second piece of news is related to Michael Kors, but not the clothing brand. It concerns a ransomware operation running under the same name. According to an analysis report by CrowdStrike, a newly emerged malware-spreading gang has been targeting Linux and VMware ESXi systems since April 2023. Stealing data from VMware software-operated servers is technically challenging, but Michael Kors seems to be an exception.
The third news story is about a company named PharMerica that lost over 5.8 million patient data records to hackers. The massive data breach occurred through the servers of this pharmacy service provider, which operates in 50 states of America.
According to the details submitted to the Office of the Maine Attorney General, the attack took place on or before May 12th of this year, during which criminals stole information such as full names, addresses, dates of birth, social security numbers, medications, and health insurance details. Currently, there is no news about the misuse of the stolen data.
Experian has been assigned the project of offering identity protection and fraud monitoring services to all the affected individuals. Hopefully, this service will help mitigate the risks associated with the malicious attack, such as phishing and other social engineering attacks.
Business processing giant Capita has made headlines this week by stating that the ransomware attack on its servers in March this year could result in a loss of around £20m. The company reveals that the information of almost every individual registered in the UK’s University Superannuation Scheme might have been compromised. Consequently, all 500,000 members should remain vigilant against digital fraud in the near future.