Shutterstock
The Scottish Association for Psychological Wellness (SAMH) has verified that it has fallen sufferer to a ransomware attack that has impacted its IT programs, such as email and some phone lines.
SAMH confirmed to IT Pro that the attack experienced taken place but is still doing the job to absolutely have an understanding of the incident.
Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).
➤ Get Mullvad VPN with 12% Discount
“SAMH is presently working with an IT incident, which is influencing our colleagues’ skill to receive and reply to emails throughout each our national and community support spots,” a assertion on its web-site reads. “Some of our national phone lines are also influenced.
“Our neighborhood products and services are nonetheless reachable by phone and proceed to guidance provider customers throughout Scotland.”
Cyber security researcher Soufiane Tahiri noticed a dark web details dump containing a lot more than 12GB worth of data belonging to the charity on Monday. The gang behind the RansomEXX ransomware pressure claimed duty by introducing SAMH to its sufferer listing.
The details contains delicate info this sort of as names address, email addresses, and passport scans. Onlookers have described the attack on the charity as “disgusting”.
Which is some actual disgusting perform by #RansomEXX https://t.co/1gSvwtyMZl
— SOS Intelligence (@SOSIntel) March 21, 2022
IT Pro is expecting to obtain an additional statement from SAMH with more specifics about the attack and how it has afflicted the organisation. This story will be up-to-date when new developments are discovered.
The RansomEXX ransomware was very first observed in 2018 but came to prominence in 2020 right after a selection of high-profile attacks on federal government departments like the Texas Department of Transportation.
Analysing the ransomware in 2021, cyber security firm Cybereason mentioned RansomEXX is generally made use of in “multi-staged human-operated attacks targeting different govt-relevant entities”.
The ransomware is recognized for disabling security solutions to more simply infect a concentrate on machine. RansomEXX started on Windows but has additional not long ago advanced to operate a Linux variant as well, Cybereason stated, although the Linux variant is much less sophisticated and lacks sure operation like disabling security goods.
RansomEXX is also a file-significantly less ransomware strain, “usually sent as a secondary in-memory payload with out at any time touching the disk”.
Other RansomEXX victims include Embraer, 1 of the largest aircraft brands in the globe, Japanese company technology enterprise Konica Minolta, and Brazil’s court docket method in November 2020.
The cyber criminals driving RansomEXX have also been found to have been targeting flaws in VMware’s ESXi hypervisor in October 2020.
Some pieces of this post are sourced from:
www.itpro.co.uk