Top identified ransomware attacks during the final weeks of 2020

January 01, 2021

Review of the top identified ransomware attacks during the final weeks of December 2020

 

A review of the top identified ransomware attacks during the last two weeks of December 2020 revealed a significant increase in ransomware attacks on high profile targets, such as the trucking company Forward Air, home appliance manufacturer Whirpool and others.

See below for the main captions of recent cyber ransomware events as published by Bleepingcomputer:

December 19th, 2020

New ransomware called ANCrypted was identified by security researcher M. Shahpasandi.

 

December 20th, 2020

Flavor and fragrance designer Symrise shut down its production after falling victim to a phishing attack orchestrated by the Clop ransomware gang, an infamous cybercriminal group that was behind additional large scale attacks, including a reported theft of over 2 million credit cards.

 

December 21st, 2020

  • A new ransomware gang, Hades, attacked the leading US trucking and freight logistics company Forward Air, impacting its operations.
  • A new ransomware task force (RTF) launched by the Institute for Security and Technology (IST), in partnership with a coalition of experts in various industries, including, industry, government, law enforcement, non-profits and others, with the purpose of battling this type of cybercrime.

December 22nd, 2020

Safe-Inet and Insog VPN and proxy services identified as facilitating cybercriminal activity by Europol and S. Law enforcement agencies. As per Europol, these services were used by some of the world’s more significant cybercriminal players for various types of attacks, including ransomware and other types of cybercriminal activity.

December 23rd, 2020

  • Dark Web ransomware activities were identified, with the U.S being the top attacked country, following by UK, Mexico, Canada, South Korea and Israel.

December 24th, 2020

  • Sangoma, FreePBX phone system developer, was subjected to a Conti ransomware attack in which the company’s files were stolen and published online.
  • A new ransomware, called RansomeToad, affecting the .rtcrypted extension was identified by xiaopao.

December 25th, 2020

  • A new funny (HaHaHaHaHaHaHaHa) ransomware, an add-on to encrypted filed, was identified by MalwareHunterTeam.

December 26th, 2020

New ransomware, PThree, appending the .16x extension to encrypted files was identified.

December 28th, 2020

Home appliance manufacturer Whirlpool hit by the Nefilim ransomware gang who stole sensitive files from the company, such as employee benefits, background checks and medical information, leaking it online.

 

December 29th, 2020

A warning was issued by the US Treasury Department’s Financial Crimes Enforcement Network (FinCEN), to financial institutions of potential malware attacks targeting organizations engaged in the Covid-19 vaccine research.

Follow Us on Facebook for the latest news and insights on cybersecurity. 

Stay Safe with TrustNet!

Share Now: