The first news which is trending on Google and related to Ransomware is about Robbinhood malware which can disable all security settings on Windows 7,8 and 10 machines.
Security researchers from Sophos have discovered that a flaw in Gigabyte’s motherboards is allowing hackers to induce Robbinhood ransomware into the Windows Computers after which the file-encrypting malware is found disabling anti-virus solutions and then starts holding files for ransom.
Sophos claims that Gigabyte has stopped the support of its drivers long ago and has declared it on an official note a few months ago. However, as the software cryptographic signature is still valid, hackers are seen tricking the victim machines to install Robbinhood Ransomware.
Reports are in that Robbinhood has so far taken down the machines in cities like Baltimore, Maryland, Greenville and North Carolina in the United States.
Meanwhile, in second news related to ransomware and trending on Google, Logistics Company of Australia named Troll Group has released an official statement saying that more than 1000 servers on its network were infected by Mailto Ransomware disrupting goods delivery across Australia.
A press release has been posted on the website and the twitter handle giving details related to the incident.
The company has assured that no personal data was compromised in the cyber incident and the recovery of its systems was on its way through the backup data.
Experts from the Australian Cyber Security Center (ACSC) along with some 3rd party cybersecurity experts have been pressed into service to investigate the incident.
Thirdly, a new ransomware has hit the cyber landscape recently which is seen targeting specifically the software used by Managed Service Providers(MSPs). The newly discovered file-encrypting malware is being called as Ragnar Locker Ransomware and was first discovered in Dec 2019.
According to a source from Bleeping Computer, those spreading Ragnar Locker are demanding ransomware ranging between $200k to $600k.
Coming to the fourth news, an e-health organization from Saskatchewan has officially disclosed that it became a victim of a ransomware attack in January 2020 resulting in the disruption of MySaskHealthRecord and other services.
Jim Hornell, the CEO of eHealth has admitted that some of their critical files were transmitted to servers having IP addresses in Europe. Meaning, some of the files were first stolen and then the database was encrypted by hackers.
Those reporting to Cybersecurity Insiders say that the attack has impacted over 27,000 desktops and 7K virtual operating systems affecting the work of over 50K employees of the healthcare network in Saskatchewan.