A cloud computing firm called Trellance recently experienced a ransomware attack, leading to disruptions and outages for around 60 credit unions in the US. The National Credit Union Administration confirmed the incident and assured the public that systems would be restored soon. It remains uncertain whether the impacted insurer’s union will pay the ransom, but reports indicate that Trellance has a strong business continuity plan in place, which suggests it will resist the cybercriminals’ demands. Interestingly, this attack coincided with a file-encrypting malware assault on the water authority in Pennsylvania.
The BlackCat ransomware gang, also known as ALPHV, has shared screenshots on the dark web displaying stolen data from platforms like Tipalti, Roblox, and Twitch. This confirms the successful infiltration of data servers belonging to these companies. The cybercriminals managed to remain undetected for an extended period, exfiltrating a total of approximately 256 GB of data, including information about employees and customers. ALPHV is known for using phishing and social engineering tactics, which it likely employed to compromise the networks of Roblox, Tipalti, and Twitch.
A new ransomware group called Qilin has been discovered infecting VMware ESXi servers with encryptors. Security analysts believe that Qilin may have connections to the Babuk source code. The malware has the capability to infect virtual machines and erase snapshots after encryption. Initially known as “Agenda Ransomware,” Qilin was rebranded and started spreading in September 2022.
Key points:
1. Trellance, a cloud computing firm, experienced a ransomware attack, impacting 60 credit unions in the US.
2. The BlackCat Ransomware gang successfully infiltrated data servers of Tipalti, Roblox, and Twitch, stealing approximately 256 GB of data.
3. Qilin, a newly identified ransomware group, is infecting VMware ESXi servers and erasing snapshots after encryption.