Embargo accuses South Carolina police of racist acts and demands ransom

A ransomware group has stolen 1.7 TB of data and is threatening to publish it.

Last week, the small town of Summerville, South Carolina, was hit by a major ransomware attack. The hacker group responsible for the incident claims to have stolen more than 1.7 TB of confidential information from the local police department.

Officials from the Charleston suburb released a statement about the cyberattack on the municipality's official website and Facebook page on Friday afternoon. The statement says that the attack was quickly identified and contained, which made it possible to minimize potential damage. Despite this, a group of hackers called Embargo claims that it managed to steal a significant amount of data from the Summerville Police Department.

In an official statement, the authorities said that all municipal services, including the police, fire service and public utilities, continue to operate as usual and ensure the safety and well-being of residents. However, the hackers claim the opposite on their darknet blog and threaten to publish the stolen data if the ransom is not paid by July 30.

Source: Cybernews

At the same time, the hackers did not provide samples of the allegedly stolen data or any details about it, which many ransomware groups usually do as proof of their claims. However, they made provocative accusations against Summerville police, claiming that the department "provides the highest level of service in shooting black children." The contact details of the police chief and the department's network administrator were also published.

It is noteworthy that no official charges or other media materials linking the Summerville police to racist incidents were found. In April of this year, a Summerville police officer who previously served in New York was charged with the murder of a man outside a Chick-fil-A restaurant. The victim was of European origin.

City officials promise to thoroughly investigate the incident and conduct a comprehensive analysis of all systems, with further updates to follow as new information becomes available.

The Embargo group appeared on the ransomware scene on April 17 this year, claiming to have hacked a well-known construction company, Mulford, in the Washington area. Summerville police are listed as the ninth victim on the group's website, although the Cybernews Ransomlooker search engine counts 11 victims of Embargo.

Experts note numerous similarities between Embargo and the now-defunct ALPHV/BlackCat group, which quietly disappeared in March after UnitedHealth Group paid the infamous cartel a $22 million ransom for devastating ransomware attacks on Change Healthcare.

Cybersecurity experts found that the Embargo ransomware variant, like the ALPHV group's proprietary BlackCat software, was created using the cross-platform Rust programming language, which is almost impossible to reverse engineer without an encryption key. They also found a similar approach to creating logs, which suggests that Embargo may be a rewritten version of the old ALPHV software.

Both groups are known for their double extortion methods, where attackers first demand a ransom for decrypting the victim's data, and then a second ransom for ensuring that the stolen data will not be published. A typical Embargo ransom demand is reportedly around $1 million.
