Skip to content
NGTEdu Logo

NGTEdu

A PRODUCT OF NGTECH.CO.IN

NGTEdu Logo

NGTEdu

  • Home
  • Cyber Attacks
  • Malware
  • Vulnerabilities
  • Data Breach
  • Home
  • Cyber Attacks
  • Egregor Ransomware Strikes Metro Vancouver’s TransLink
  • Cyber Attacks
  • Data Breach
  • Malware

Egregor Ransomware Strikes Metro Vancouver’s TransLink

5 years ago David Bisson
Egregor Ransomware Strikes Metro Vancouver’s TransLink

The Egregor ransomware gang struck TransLink, the authority responsible for managing Metro Vancouver’s transportation network.

On December 1, TransLink announced that certain issues were affecting its phones, online services and payment systems.

The authority later confirmed that it had suffered a ransomware attack and that those responsible for the infection had used its printers to deliver their ransom note.

Global BC reporter Jordan Armstrong confirmed this in his coverage of the security incident.

Ransom letter that’s been rolling off the printers at @TransLink.
Sources tell me, at this point, @TransLink does NOT intend to pay.

But a cyber security expert we spoke to says this is a sophisticated new type of ransomware attack… and many victims do pay.@GlobalBC pic.twitter.com/2tYLy4lZkG

— Jordan Armstrong (@jarmstrongbc) December 4, 2020

Bleeping Computer examined the ransom note and used it to attribute the attack to the Egregor ransomware gang.

At the end of October 2020, the security community learned that many of Maze’s affiliates were moving over to Egregor after Maze’s handlers had announced that they were shutting down that ransomware strain’s operations.

A few weeks after claiming Japanese video game developer Capcom as one of its victims, the Egregor ransomware crew drew attention to itself by hijacking its victims’ printers in order to deliver its ransom notes.

Egregor is one of the many ransomware operations that maintains a data leaks site for publishing non-compliant victims’ stolen information. These portals enable digital attackers to double-extort their victims: once for the decryption key and again for the deletion of their stolen information.

The issue with Egregor is that it is among a handful of crypto-malware enterprises that don’t always honor victims who have paid a ransom to have their data deleted. In fact, Egregor’s attackers sparked the curiosity of security researchers in Q3 2020 for publishing stolen information on their site before the victims knew that their data had even been taken.

Egregor’s targets and techniques highlight the need for organizations to defend themselves against a ransomware infection. One of the ways they can do this is by working to prevent a ransomware attack in the first place. This resource could serve as a starting point for organizations’ anti-ransomware efforts.

The post ” Egregor Ransomware Strikes Metro Vancouver’s TransLink” appeared first on TripWire

Source:TripWire – David Bisson

Tags: Malware, Ransomware, TripWire

Continue Reading

Previous Hackers Targeting Companies Involved in Covid-19 Vaccine Distribution
Next Vancouver Metro Disrupted by Egregor Ransomware

More Stories

  • Critical Vulnerability
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

China-Linked DKnife AitM Framework Targets Routers for Traffic Hijacking, Malware Delivery

2 hours ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach
  • Vulnerabilities

CISA Orders Removal of Unsupported Edge Devices to Reduce Federal Network Risk

3 hours ago [email protected] (The Hacker News)
  • Critical Vulnerability
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

Asian State-Backed Group TGR-STA-1030 Breaches 70 Government, Infrastructure Entities

4 hours ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach

How Samsung Knox Helps Stop Your Network Security Breach

6 hours ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware

8 hours ago [email protected] (The Hacker News)
  • Critical Vulnerability
  • Data Breach
  • Vulnerabilities

Claude Opus 4.6 Finds 500+ High-Severity Flaws Across Major Open-Source Libraries

11 hours ago [email protected] (The Hacker News)

Recent Posts

  • China-Linked DKnife AitM Framework Targets Routers for Traffic Hijacking, Malware Delivery
  • CISA Orders Removal of Unsupported Edge Devices to Reduce Federal Network Risk
  • Asian State-Backed Group TGR-STA-1030 Breaches 70 Government, Infrastructure Entities
  • How Samsung Knox Helps Stop Your Network Security Breach
  • Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware

Tags

Android APT Bug CERT Cloud Compliance Coronavirus COVID-19 Critical Severity Encryption Exploit Facebook Finance Google Google Chrome Goverment Hacker Hacker News High Severity Instagram iPhone Java Linux Low Severity Malware Medium Severity Microsoft Moderate Severity Mozzila Firefox Oracle Patch Tuesday Phishing Privacy QuickHeal Ransomware RAT Sim The Hacker News Threatpost TikTok TripWire VMWARE Vulnerability Whatsapp Zoom
Copyright © 2020 All rights reserved | NGTEdu.com
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Read More here.Cookie settingsACCEPT
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT