Friend
Professional
- Messages
- 2,664
- Reaction score
- 876
- Points
- 113
The initial price of "exclusive data" is 5 bitcoins.
A major American publication, The Washington Times, has become a new victim of the Rhysida ransomware program. On Wednesday, the hacker group posted information about the attack on its darknet site, announcing its intention to sell the newspaper's "exclusive data" at an online auction.
The attackers set a seven-day deadline before the start of trading, urging potential buyers to "prepare their wallets". The starting price for the proposed data set is 5 bitcoins, which is equivalent to 292,030 US dollars at the exchange rate of cryptocurrencies on Thursday.
The Washington Times, a Washington-based right-wing daily newspaper, is considered one of the ten most visited conservative media outlets in the United States. According to Statista, the publication's website attracts more than 3 million monthly visitors, and the daily print edition has more than 50,000 copies.
The newspaper was founded during the Reagan administration as an alternative to the more liberal Washington Post. The Rhysida group did not specify the amount of data allegedly stolen from the Times servers, but provided a sample as "proof" of the attack.
Despite the fact that the sample is difficult to make out, Cybernews specialists were able to study it. According to them, it contains various corporate files, including bank statements, employee documents, as well as a copy of a Texas driver's license and a person's social security card.
At the time of publication of the news, The Washington Times website was working without visible failures. The publication was opened in 1982 by the international media conglomerate News World Communications, associated with the Christian religious movement "Unification Church".
In addition to The Washington Times, the Unification Church, whose followers are nicknamed "moonites" after its Korean founder and leader, Sun Myung Moon, owns several other media outlets around the world. Among them are the American news agency United Press International (UPI), as well as newspapers in Japan, South Korea and South America.
The Rhysida group has claimed 114 victims on its darknet website since its launch in May 2023. According to the updated profile of the US Department of Defense, the gang has infiltrated various sectors, including education, healthcare, manufacturing, and local government.
Rhysida operates on a ransomware-as-a-service (RaaS) model, selling its hacking tools to fellow criminals for a fraction of the profit. Hackers often practice double extortion: even after the victim has paid for the decryption key, they threaten to publish the stolen data if they do not receive a second payment.
This year, the group claimed responsibility for hacking the National British Library, considered the world's largest repository of historical knowledge, as well as the Anne & Robert H. Lurie Children's Hospital in Chicago. After the ransom demand of $ 4 million (60 BTC) was not met, Rhysida published all the clinic's documents.
In 2023, the victims of the attacks were the California medical conglomerate Prospect Medical Holdings (PMH), which led to failures in dozens of hospitals and medical institutions in several states, as well as the Munich video game company Travian Games.
In February of this year, a research team from the Korea Internet Security Agency (KISA) was able to crack the gang's encryption code and published the free decryption tool Rhysida on its website, along with a guide to its use. This is a significant step in the fight against the group's activities, which can help future victims recover their data without having to pay a ransom.
Source
A major American publication, The Washington Times, has become a new victim of the Rhysida ransomware program. On Wednesday, the hacker group posted information about the attack on its darknet site, announcing its intention to sell the newspaper's "exclusive data" at an online auction.
The attackers set a seven-day deadline before the start of trading, urging potential buyers to "prepare their wallets". The starting price for the proposed data set is 5 bitcoins, which is equivalent to 292,030 US dollars at the exchange rate of cryptocurrencies on Thursday.
The Washington Times, a Washington-based right-wing daily newspaper, is considered one of the ten most visited conservative media outlets in the United States. According to Statista, the publication's website attracts more than 3 million monthly visitors, and the daily print edition has more than 50,000 copies.
The newspaper was founded during the Reagan administration as an alternative to the more liberal Washington Post. The Rhysida group did not specify the amount of data allegedly stolen from the Times servers, but provided a sample as "proof" of the attack.
Despite the fact that the sample is difficult to make out, Cybernews specialists were able to study it. According to them, it contains various corporate files, including bank statements, employee documents, as well as a copy of a Texas driver's license and a person's social security card.
At the time of publication of the news, The Washington Times website was working without visible failures. The publication was opened in 1982 by the international media conglomerate News World Communications, associated with the Christian religious movement "Unification Church".
In addition to The Washington Times, the Unification Church, whose followers are nicknamed "moonites" after its Korean founder and leader, Sun Myung Moon, owns several other media outlets around the world. Among them are the American news agency United Press International (UPI), as well as newspapers in Japan, South Korea and South America.
The Rhysida group has claimed 114 victims on its darknet website since its launch in May 2023. According to the updated profile of the US Department of Defense, the gang has infiltrated various sectors, including education, healthcare, manufacturing, and local government.
Rhysida operates on a ransomware-as-a-service (RaaS) model, selling its hacking tools to fellow criminals for a fraction of the profit. Hackers often practice double extortion: even after the victim has paid for the decryption key, they threaten to publish the stolen data if they do not receive a second payment.
This year, the group claimed responsibility for hacking the National British Library, considered the world's largest repository of historical knowledge, as well as the Anne & Robert H. Lurie Children's Hospital in Chicago. After the ransom demand of $ 4 million (60 BTC) was not met, Rhysida published all the clinic's documents.
In 2023, the victims of the attacks were the California medical conglomerate Prospect Medical Holdings (PMH), which led to failures in dozens of hospitals and medical institutions in several states, as well as the Munich video game company Travian Games.
In February of this year, a research team from the Korea Internet Security Agency (KISA) was able to crack the gang's encryption code and published the free decryption tool Rhysida on its website, along with a guide to its use. This is a significant step in the fight against the group's activities, which can help future victims recover their data without having to pay a ransom.
Source
