For the first time, a hacking group sponsored by the North Korean government has been found spreading ransomware on computer networks of companies and organizations operating in South Korea.
According to intelligence gathered by the National Police Agency of South Korea, the Kim Jong Un-funded hacking groups were caught stealing email and identity-related credentials belonging to over 890 foreign policy experts in the past few weeks.
Phishing tactics were used to steal data from think tanks and professors, with the criminals using the name of the People Power Party chief or the head of the Korea National Diplomatic Academy to trap victims.
Preliminary inquiries revealed that at least 49 people fell prey to the fraudulent tactics and gave up credentials for their email accounts. This later paved the way for the spread of file-encrypting malware onto the networks of over 13 firms, of which 2 victims paid $2000 in BTC to regain access to their locked systems.
More details about the ransomware group involved in the incident will be updated after confirmation!
The second news item concerns the Lake Charles Memorial Health System, a Louisiana-based healthcare firm that fell prey to a Hive ransomware attack. Cybersecurity Insiders learnt from its sources that the Hive group stole information on over 270,000 patients, including their full names, residence addresses, DoBs, medical history, patient ID numbers, health insurance data, payment details and social security numbers.
The incident reportedly took place on November 15th of this year and, as the victim failed to pay a ransom, the details were leaked to a discussion forum in the second week of December 2022.
Online tech news resource Bleeping Computer, which reported the ransomware incident first, is yet to get confirmation from its experts on whether the leaked data really belongs to the Louisiana-based medical firm.
Third is news that is fictitious, as a hacker using the pseudonym “Shadow Hacker” is claiming to have stolen tons of data from a database belonging to Indian Railways. The criminal, whose true identity is yet to be probed, claims to have stolen the data of 30 million IRCTC users and has put the siphoned info up for sale on the dark web, as his ransom demands weren’t taken seriously. It is unclear how the hacker gained access to the extremely secure database.