Compal Electronics Suffers DoppelPaymer Ransomware Attack

Computer manufacturer Compal Electronics has been hit by a DoppelPaymer ransomware attack, and the ransom is US$16.7 million.

DoppelPaymer is a ransomware operation known for attacking enterprise targets by gaining access to admin credentials and using them to spread throughout a Windows network. Once they gain access to a Windows domain controller, they deploy the ransomware payloads to all devices on the network.

According to the DoppelPaymer Tor payment site linked to in the ransom note, the ransomware gang is demanding 1,100 Bitcoins, or $16,725,500.00 at today’s prices, to receive a decryptor.

Mattel Revealed it Suffered a Data Breach on June 28

Toy company Mattel suffered ransomware attack on June 28, 2020. It revealed this in a 10-Q form filed with the Securities and Exchange Commission (SEC).

On July 28, 2020, Mattel discovered that it was the victim of a ransomware attack on its information technology systems that caused data on a number of systems to be encrypted. Promptly upon detection of the attack, Mattel began enacting its response protocols and taking a series of measures to stop the attack and restore impacted systems. Mattel contained the attack and, although some business functions were temporarily impacted, Mattel restored its operations.

Ransomware Hackers Now Want Your Nudes

Security researchers discover a new form of blackmail from ransomware hackers: They demand nudes instead of money.

While most ransomware strains require monetary compensation in return for a decryptor, Ransomwared is demanding a more unusual payment. Once a computer is infected, a pop up will appear and demand that the victim send the author pictures of “tits” in exchange for an “unlock code.”

Maybe this speaks to my cynicism or just the fact that the world is filled with bad people. But I’m honestly surprised I haven’t heard of this type of ransomware extortion sooner. You could just send random porn, they wouldn’t be able to know if they’re actually your nudes. But they might ask you to hold up a sign with the current date as proof that it’s you. However, what if you just searched online for a nude with a sign, then photoshopped the current date on it? Okay, I need to stop. This is why Charlotte worries about me.

Travelex Infected With Sodinokibi Ransomware, Attacker Wants $3M

A cyber attack infected international foreign currency exchange Travelex with Sodinokibi ransomware. The attackers are demanding US$3 million.

The attack occurred on December 31 and affected some Travelex services. This prompted the company to take offline all its computer systems, a precaution meant “to protect data and prevent the spread of the virus.”

We were told that they deleted the backup files and that the ransom demanded was $3 million; if not paid in seven days (countdown likely started on December 31), the attackers said they will publish the data they stole.

News+: Don't Give Money to Ransomware Scammers

In the latest issue of PCMag, Max Eddy writes that you shouldn’t give money to ransomware attackers when they ask.

First, most cyberattacks—including ransomware—don’t last long. The command and control servers that issue the unlock commands and receive payment can be found and taken offline…In either case, anyone who has been infected and not paid the ransom can no longer get their system unlocked, even if they pay.

This is why keeping several backups is important, one online, one offline. And keep your operating system up to date with the latest security patches and improvements.

This is part of Andrew’s News+ series, where he shares a magazine every Friday to help people discover good content in Apple News+.

New Mac Ransomware Leaves Your Files Permanently Encrypted

Mac users hoping to score Adobe Premiere Pro CC and Microsoft Office for free through BitTorrent sites are in for an ugly surprise thanks to a new ransomware making the rounds. The ransomware, called OSX/Filecoder.E, encrypts the contents of victim’s hard drives and demands payment in Bitcoin, but there isn’t any way to actually decrypt and recover files.