This week in ransomware

It’s been an active week in the “ransomware industry” as multiple attacks and breaches have impacted millions of people and will end up costing millions to fix.


New tactics being used

From leveraging new applications to using sites that can be indexed and searchable on the internet, ransomware gangs are trying anything to pressure companies and individuals to pay up.


Maximus most recent victim

The US Government contractor fell victim to a ransomware attack, a report released today confirmed.  Up to 11 million records have been exposed.

News > Cyber-Attacks > Ransomware
by Kevin Wood

This Week In Ransomware
july 28th, 2023



Clop ransomware gang strikes again; new tactics being used

Ransom payments are seeing a decline which means ransomware gangs are evolving their extortion tactics to utilize new methods to pressure victims.

Both the Clop and BlackCat/ALPHV ransomware gangs began utilizing new tactics as a part of their extortion schemes. Clop started to create clearweb sites to leak data stolen during the MOVEit Transfer attacks, exposing the data of up to 11 million people.

By using a clearweb site, it’s easier to access stolen data and could possibly allow search engines to index the data so it’s available to a broader audience. This kind of tactic applies more pressure to victims to have it removed as their data can be actively searched.

At this time this article was written, Clop was only targeting the larger MOVEit victims that have a better chance of paying out, compared to individuals who are less likely to pay anything.

There was also a new extortion strategy from BlackCat, creating a new API to make it easier to grab almost realtime information listed on their sites. This new technique, like the technique from Clop, aims to quickly make public the gang’s new victims, hoping to put pressure on victims so they end up paying the ransom.

Sophos also released new details on the Nitrogen initial access malware used by BlackCat.

July 23rd 2023

Clop now leaks data stolen in MOVEit attacks on clearweb sites

The Clop ransomware gang is copying an ALPHV ransomware gang extortion tactic by creating Internet-accessible websites dedicated to specific victims, making it easier to leak stolen data and further pressuring victims into paying a ransom.

July 24th 2023

Yamaha confirms cyberattack after multiple ransomware gangs claim attacks

Yamaha’s Canadian music division confirmed that it recently dealt with a cyberattack after two different ransomware groups claimed to have attacked the company.

Akira Ransomware: What You Need to Know

Akira ransomware is a new and sophisticated threat that has been targeting organizations in recent months. The ransomware encrypts files on the victim’s system and then demands a ransom payment in order to decrypt them

July 26th 2023

New Nitrogen malware pushed via Google Ads for ransomware attacks

A new ‘Nitrogen’ initial access malware campaign uses Google and Bing search ads to promote fake software sites that infect unsuspecting users with Cobalt Strike and ransomware payloads.

ALPHV ransomware adds data leak API in new extortion strategy

The ALPHV ransomware gang, also referred to as BlackCat, is trying to put more pressure on their victims to pay a ransom by providing an API for their leak site to increase visibility for their attacks.

July 27th 2023

8 million people hit by data breach at US govt contractor Maximus

U.S. government services contractor Maximus has disclosed a data breach warning that hackers stole the personal data of 8 to 11 million people during the recent MOVEit Transfer data-theft attacks.

July 28th 2023

Hawaii Community College pays ransomware gang to prevent data leak

The Hawaii Community College has admitted that it paid a ransom to ransomware actors to prevent the leaking of stolen data of approximately 28,000 people.

New Black Beserk ransomware

PCrisk found the Black Berserk ransomware, which appends the .Black extension and drops a ransom note named Black_Recover.txt.


  • 93% of companies without Disaster Recovery who suffer a major data disaster are out of business within one year.
  • 96% of companies with a trusted backup and disaster recovery plan were able to survive ransomware attacks.
  • More than 50% of companies experienced a downtime event in the past five years that longer than a full workday.
  • Estimate are that unplanned downtime can cost up to $17,244 per minute, with a low-end estimate of $926 per minute.
  • If any of these statistics concerned you or made you ponder your current DR plan, it may be time to talk to our team about how we can help.
  • Click the button below to contact our Sales Team to get started!

    Get Started Today!