RobbinHood – WindowsTechs.com

Ransomware Characteristics and Attack Chains – What you Need to Know about Recent Campaigns

Posted on July 8, 2020 by Matthew Jerzewski

Ransomware has been around for decades going back all the way to 1989. Since then it has only magnified in scope and complexity. Now at a time when working remotely is becoming more universal and the world is trying to overcome the Covid-19 pandemic, r… Continue reading Ransomware Characteristics and Attack Chains – What you Need to Know about Recent Campaigns→

BYO-Bug Tactic Attacks Windows Kernel with Outdated Driver

Posted on February 10, 2020 by Tara Seals

The RobbinHood ransomware is using a deprecated Gigabyte driver as the tip of the spear for taking out antivirus products. Continue reading BYO-Bug Tactic Attacks Windows Kernel with Outdated Driver→

How ransomware attacks

Posted on November 15, 2019 by John E Dunn

A new report reveals what defenders should know about the most prevalent and persistent malware families. Continue reading How ransomware attacks→

Much-attacked Baltimore uses ‘mind-bogglingly’ bad data storage

Posted on October 18, 2019 by Lisa Vaas

IT workers have been storing files on their computers’ hard drives. One councilman’s alleged response: “That can’t be right? That’s real?” Continue reading Much-attacked Baltimore uses ‘mind-bogglingly’ bad data storage→

Sen. Van Hollen: Government sees no EternalBlue in Baltimore ransomware attack

Posted on June 4, 2019 by Shannon Vavra

A second lawmaker from Maryland now says it doesn’t appear that the ransomware attack in Baltimore relied on a stolen National Security Agency exploit, EternalBlue. “It’s the federal government’s view that EternalBlue was not involved in the ransomware attack in Baltimore City,” Democratic Sen. Chris Van Hollen told CyberScoop on Monday following a briefing on Capitol Hill from NSA officials. The briefing was organized following requests from officials who sought details on whether the government’s own exploit, which was exposed in a 2017 leak from the NSA, had been used in an attack that hobbled Baltimore for weeks. The New York Times reported May 25 that EternalBlue was used to spread the ransomware, known as RobbinHood, across networks in Baltimore and in several other American cities. Van Hollen joined Democratic Rep. Dutch Ruppersberger in his assessment, which was based on a separate briefing from the NSA last week, that the government has determined EternalBlue was not […]

The post Sen. Van Hollen: Government sees no EternalBlue in Baltimore ransomware attack appeared first on CyberScoop.

Continue reading Sen. Van Hollen: Government sees no EternalBlue in Baltimore ransomware attack→

Ruppersberger: NSA has no evidence EternalBlue was in Baltimore attack

Posted on May 31, 2019 by Shannon Vavra

Senior National Security Agency officials have no evidence a tool developed by the NSA “played a role” in the ransomware attack on Baltimore, Rep. Dutch Ruppersperger said Friday following a briefing at the agency’s headquarters. Ruppersberger, D-Md., and other officials requested briefings with the agency following a report from The New York Times that the exploit, known as EternalBlue, was used to help spread the RobbinHood ransomware variant across the city’s IT infrastructure. “I have been told that there is no evidence at this time that EternalBlue played a role in the ransomware attack currently affecting Baltimore City,” Ruppersberger said in a statement. “I’m told it was not used to gain access nor to propagate further activity within the network.” A followup briefing with other members of Maryland’s congressional delegation is expected to be held Monday. “It is important that discussions regarding the use of government cyber tools, and subsequent […]

The post Ruppersberger: NSA has no evidence EternalBlue was in Baltimore attack appeared first on CyberScoop.

Continue reading Ruppersberger: NSA has no evidence EternalBlue was in Baltimore attack→

Robbinhood ransomware attack brings down parts of City of Baltimore’s computer network

Posted on May 9, 2019 by Graham Cluley

For the second time in a year, Baltimore city government computers have been infected by ransomware. Malicious hackers are demanding that a ransom is paid for the safe recovery of encrypted files on affected computers and servers.
Read more in my arti… Continue reading Robbinhood ransomware attack brings down parts of City of Baltimore’s computer network→

RobbinHood ransomware attack brings down parts of City of Baltimore’s computer network

Posted on May 9, 2019 by Graham Cluley

For the second time in a year, Baltimore city government computers have been infected by ransomware. Malicious hackers are demanding that a ransom is paid for the safe recovery of encrypted files on affected computers and servers.
The post RobbinHood … Continue reading RobbinHood ransomware attack brings down parts of City of Baltimore’s computer network→

RobbinHood Ransomware Demands Grow $10K Per Day after Fourth Day

Posted on April 15, 2019 by David Bisson

The ransom demands imposed by the new “RobbinHood” ransomware family increase $10,000 each day beginning on the fourth day following encryption. The creators of RobbinHood appear to be aiming their attacks at entire networks. When they&#821… Continue reading RobbinHood Ransomware Demands Grow $10K Per Day after Fourth Day→