Some Siemens Healthineers (belonging to Siemens company that produces medical technique) products affected by BlueKeep…
According to Computer Weekly, Maze operators have published secret medical and personal information, including medical questionnaires, passport copies, driver’s licenses and national insurance numbers for more than 2,300 patients of the organization.
“The criminals behind the Maze ransomware attacks have struck again, stealing data from a victim and then publishing it online to get them to pay the ransom demanded. A medical facility on standby to help test any coronavirus vaccine has been hit by a ransomware group that promised not to target medical organizations”, — reports Forbes with the link on Computer Weekly.
The attack occurred only a few days after the criminal group publicly announced the cessation of attacks on medical research organizations and companies during the coronavirus pandemic. The criminals kept their promise for only three days. HMR IT staff discovered a cyberattack on March 14 and by the end of that day was able to stop it and resume computer systems and email.
HMR did not disclose how Maze could access its network. According to Troy Mursch, co-founder of Bad Packets, Hammersmith Medicines Research used a Fortinet VPN server, which could contain a vulnerability that allowed Maze to hack. Infosecurity professional, John Opdenakker, is not at all surprised that the Maze actors broke this so-called promise.
“Financial gain is, unfortunately, the only motive for criminal actors. They also know that medical organizations are currently in a very vulnerable situation due to the coronavirus outbreak, which only increases the probability that they’ll pay the ransom”, — says the Opdenakker.
The FBI has already warned of a significant surge in COVID-19 scams, for example we wrote that the Attackers Spread Fake Coronavirus Android Tracker, and championship in “licensed” hacking Pwn2Own passed in virtual environment Due to COVID-19.
At the same time, security provider Emsisoft, in collaboration with Coveware, announced that they would provide a completely free ransomware recovery service for critical hospitals and other healthcare providers. This includes developing a decryption tool whenever possible.
Vizoaksy.com is a site that tries to force you into subscribing to its browser notifications…
Keyapp.monster is a site that tries to force you into clik to its browser notifications…
Withblaockbr.org is a domain that tries to trick you into subscribing to its browser notifications…
Janorfeb.xyz is a site that tries to force you into clik to its browser notifications…
Re-captha-version-3-263.buzz is a domain that tries to force you into subscribing to its browser notifications…
Usavserver.com is a site that tries to force you into subscribing to its browser notifications…
View Comments
[…] However, cybercriminals take advantage of the panic associated with the pandemic with all means, for example, Maze operators attacked medical company, which is testing vaccine for COVID-19. […]
[…] example, some attackers spread fake coronavirus android tracker, and, say, Maze operators attacked medical company, which is testing vaccine for […]
[…] promised to decrypt the data free if the attack accidentally affects doctors. However, Maze soon violated their Robin Hood […]
[…] Maze and DoppelPaymer operators promised not to attack medical facilities during the pandemic, but Maze soon broke these promises. DoppelPaymer, as we see, did not attack doctors, however, due to this criminals do not cease to be […]
[…] Also note that the operators of Maze and DoppelPaymer ransomware suspended attacks on medical organizations. However, one of them soon broke the promise. […]