A recent ransomware attack has caused significant disruption to 18 hospitals across Romania, putting a halt to their operations. The attack targeted the Hipocrate Information System (HIS), which is essential for managing patient care and medical records. As a result, the system is currently down, leaving hospitals struggling to maintain their usual level of care.

The patient care and medical records are currently unavailable

The attack occurred overnight between February 11 and 12, 2024, leading to encrypted databases and files. The Romanian Ministry of Health has acknowledged the severity of the situation and is actively working on a solution. Efforts to recover the affected systems are in progress, with IT and cybersecurity experts from the National Cyber Security Directorate (DNSC) leading the charge.

The impact of the ransomware attack is widespread, affecting a variety of medical facilities including regional hospitals and cancer treatment centers. To prevent further damage, the Ministry of Health has enhanced security measures for other hospitals that were not affected by the attack.

Currently, the details about the ransomware group behind the attack or the specifics of the data compromised are not clear. The provider of the HIS system, RSC, has not yet made a public statement regarding the incident.

Incidents such as these expose the vulnerability of healthcare systems to cyberattacks and further boost the importance of robust cybersecurity measures to protect sensitive patient data and ensure the continuous operation of critical healthcare services. This is one sector that can’t afford serious downtime like these, and for obvious reasons too!

RELATED:

• 3 Million Smart Toothbrushes Got Hacked in a DDoS Attack
• The Rising Toll of Cyber Attacks in 2024 and Beyond
• Get the Realme GT5 Pro phone on Giztop for $599
• Best of CES 2024 – Products that stood out this year!

(VIA)

The post Massive Ransomware Attack Hits 18 Hospitals Across Romania appeared first on Gizmochina.

Sony‘s Insomniac Games has just been hacked by a ransomware group. The attack came from a group called Rhysida who managed to gain access to some sensitive information from the gaming studio and also leak screenshots of its upcoming Marvel title. So let’s have a look.

Marvel’s Wolverine screenshots leaked in Insomniac hack

Back in 2019, Sony acquired Insomniac Games studio to develop its first party exclusive titles for the PlayStation. The studio went on to release Marvel’s Spider-Man franchise, which was a major hit in the market. It was later revealed that Insomniac would also be working on a new superhero game from Marvel, which was Wolverine. A short trailer was released, but finer details were revealed. Now, the latest hack shared screenshots of gameplay of the upcoming Wolverine title.

Sony Interactive Entertainment has started an investigation into this hack, with CyberDaily (a cybersecurity news website) first reporting on the attack. According to an official Sony spokesperson, only the Insomniac Games studio appears to be affected by the attack and other Sony divisions weren’t targeted by the ransomware group. In a collage of screenshots shared on Rhysida’s website, private information of the studio was revealed. This includes emails between Insomniac staff, employment documents, Marvel’s Wolverine screenshots, and what appears to be passports or other government documents from Insomniac Games staff.

This attack even affected the Spider-Man 2 voice actor, Yuri Lowenthal. For those unaware, Rhysida is the same group which claimed responsibility for attacks on UK healthcare companies earlier this year. The hackers have also targeted firms in the education, manufacturing, information technology, and government sectors as well. This is all the information we have at the moment, so stick around for more as we will be providing updates if there’s any significant developments regarding this matter.

RELATED:

• PlayStation & Xbox end-of-year recap is live for gamers
• Pokémon GO’s Winter Holiday Event Unveils New Pokémon and Festive Fun
• Xiaomi Smart Band 8 Pro Genshin Impact Special Edition up for sale
• Giztop’s Christmas Holiday Savings: Unwrap Joy with Exclusive Discount
• Get the Realme GT5 Pro phone on Giztop for $599
• Best Apple Watch Cases in 2023: Spigen, Otterbox, Casetify & More

The post Insomniac Games hack leaks screenshots of upcoming Wolverine game appeared first on Gizmochina.

Apple has just held its “Spring Loaded” event in which it unveiled its latest iPad Pro models along with a redesigned iMac, and the long rumored AirTags as well. Although, during the course of this event, one of the company’s primary MacBook supplier was suffering from a major ransomware attack worth 50 million US Dollars.

According to a Bloomberg report (Via MacRumors), the ransomware group, REvil, has publicly announced earlier this week that it had accessed the internal computers of the Cupertino based giant’s Quanta Computer Inc, which is based in Taiwan. In the attack, REvil managed to obtain 15 images/schematics of unreleased MacBook models. This includes “specific component serial numbers, sizes and capacities detailing the many working parts inside” of the MacBook, as per documents and blog posts found by Bloomberg.

Notably, Quanta Computers also works with other electronics brands like HP, Facebook, and more, but the ransomware attack was specifically targeted towards Apple. In the blog post, the group also demanded that the iPhone maker pay up an undisclosed ransom for the images/schematics they had obtained through the supplier by the date of May 1. Unfortunately, an Apple spokesperson declined to comment on the matter.

Although, Quanta Computer has since acknowledged the attack and has stated that the incident had no “material impact” on its operations as a whole. Furthermore, the supplier is also strengthening its cybersecurity infrastructure. But, REvil, in talks with Quanta during the negotiations, said that it had stolen and encrypted “all local network data,” which it would only give up once the large ransom sum is finally paid.

RELATED:

• Apple iPad Pro 2021 arrives with M1 chip, mini-LED display, 5G and more!
• Apple announces the second gen Apple TV 4K powered by A12 Bionic chipset
• Apple’s incredibly thin new iMac has an M1 chip and comes in seven colors

The post Apple supplier faces $50 million Ransomware attack for stolen schematics for unreleased MacBook appeared first on Gizmochina.

With the recent and explosive growth of Clubhouse app, fake versions of the application has been spreading around via fake ads. These ads have also been responsible for the increasing number of malware infections.

According to a PhoneArena report, the rising popularity is what likely lead to the creation of these fake ads of a non existent Clubhouse app. For those unaware, Clubhouse is only available in Apple iOS at the moment. Meaning, the Android version is still a few months away. But since the app has been quite popular in recent times, fake ads of its non existent versions, which is filed with malware has been circulating online.

For those unaware, the audio only chat room has become a rising social media platform over the course of a year. But, certain Facebook ads have been connecting users to pages on the social media site that impersonate the app. If people click on these ads, they will be directed to a fake Clubhouse PC website. When tapped, the link is also included with malware, which is downloaded into the victim’s device.

This app seeks instructions from a C&C (command and control) server as to what action to take next. Some of the people that clicked on the fake ads had their device be loaded with ransomware. In other words, victims would have to pay money for the infected device to function normally again. While Facebook hasn’t revealed the exact number of clicks on these fake ads, nine of these ads were discovered on the social media platform.

RELATED:

• Twitter held talks to acquire Clubhouse for a $4 billion deal: Report
• Lizhi partners with Tesla-rival Xpeng to bring Clubhouse like Live stream podcast in-car
• Clubhouse has recorded over 8 million downloads on the App Store

The post Fake ads of a PC version of Clubhouse has been spreading malware appeared first on Gizmochina.

Foxconn recently suffered from a Ransomware attack that has reportedly damaged its servers and backups. The company is reeling from the attack, which also had sensitive data being stolen.

According to a CRN report, Foxconn suffered a ransomware attack on 29th Novermber 2020 in its North American facility, which is located in Ciudad Juarez, Mexico. The attack was from ransomware operator DoppelPaymer, who is now demanding 34.7 million US Dollars in Bitcoin. The ransomware operator even leaked certain generic Foxconn business documents on their data leak website earlier this week.

Editor’s Pick: The Mi A3 among a leaked list of Xiaomi models said to get Android 11 upgrade soon

As per the ransom note, “Your files, backups and shadow copies are unavailable until you pay for a decryption tool,” DoppelPaymer wrote in a ransom note that appears on Foxconn’s servers. “If no contact [is] made in 3 business days after the infection, [the] first portion of data will be shared to [the] public … and all the rest will remain unreachable to you.”

DoppelPaymer apparently encryted about 1,200 servers, stole 100GB of unencrypted files, deleted 20 to 30TB of backups and more in their November 29 attack. The ransom for these files is 1,804 Bitcoins. Foxconn is a known supplier of Apple, and it remains to be seen what action the Taiwanese electronics manufacturer takes in response to this. The ransom note, which is actually a link, also stated that “This page and your decryption key will expire in 21 days after your systems were infected. Sharing this link or email will lead to the irreversible removal of the decryption key.”

UP NEXT: Apple launches its first ever wireless headphones AirPods Max with ANC, 20hrs battery life

The post Foxconn Ransomware attack damaged its servers and backup: Report appeared first on Gizmochina.

As the name suggests, ransomware is malicious software that is built to steal and “kidnap” users’ data. The data is them held to ransom, with users having to pay to receive the data back. Now, a new sophisticated ransomware has just been discovered that is rather hard to detect and becoming a new threat.

Earlier this month, the Microsoft 365 Defender Research Team wrote a report to the about the latest evolution of mobile Ransomware. In the report, the research team “found a piece of a particularly sophisticated Android ransomware with novel techniques and behavior, exemplifying the rapid evolution of mobile threats that we have also observed on other platforms. The mobile ransomware, detected by Microsoft Defender for Endpoint as AndroidOS/MalLocker.B, is the latest variant of a ransomware family that’s been in the wild for a while but has been evolving non-stop.”

Editor’s Pick: Huawei Mate 40 Pro with Kirin 9000 scores 690K+ on AnTuTu benchmarks, scores slightly lower than Exynos 1080

This ransomware family has been known for a while and has been found on various websites and has been circulating online through forums, various pop up ads, cracked games, and other forms of media. According to the PhoneArena report, the report also added that “the new variant caught our attention because it’s an advanced malware with unmistakable malicious characteristic and behavior and yet manages to evade many available protections, registering a low detection rate against security solutions.”

Furthermore, the hackers apparently are “evolving” this malware by using various accessibility features and the virus is continuously getting better at its intended purpose. Viruses and malware aren’t just for laptops and computers, with the number of smartphone users growing, the amount of harmful software like ransomware has been growing. So make sure to be safe never click on any flashy links, ads, or pop ups.

UP NEXT: Vivo V20 with 44MP selfie camera, 64MP triple rear cameras, and Snapdragon 720G launched in India for Rs 24,990 (~$340)

The post New evolving Ransomware discovered, “kidnaps” user data on Android devices appeared first on Gizmochina.

Canon has recently been hit with a ransomware attack. It has affected a number of its services, including Canon’s email, Microsoft Teams, company’s USA website, and other internal applications as well.

BleepingComputer had reported on the incident after tracking an outage on Canon’s image.canon cloud photo and video storage service. This resulted in the loss of data worth 10TB for users that utilized the storage feature. The outage occurred on 30th July 2020 and lasted over six days. Meanwhile, the site would display status updates until it went back in service on 4th August 2020.

Editor’s Pick: Samsung Galaxy Note 20, Note 20 Ultra 5G India pricing confirmed, pre-orders begin

Furthermore, an internal source reached out to BleepingComputer, sharing an image of a company wide notification. This message was titled “Message from IT Service Center,” which was sent by Canon’s IT department. According to this message, Canon was experiencing a “wide spread system issues affecting multiple applications, Teams, Email, and other systems may not be available at this time.”

A number of Canon domains were also affected by the cyberattack, while an alleged ransom note had been discovered soon after. The attack was from the Maze ransomware, who stated that they stole, “10 terabytes of data, private databases, etc,” for their attack on Canon. Although, Maze also revealed that the image.canon outage was not caused by them. Maze has stolen unencrypted files from servers and backups and has harvested the network of anything of value and gain access to a Windows domain controller. They have also been responsible for other high profile attacks in the past as well, so we will have to wait and see how the situation develops further.

UP NEXT: OnePlus CEO: OxygenOS 11 will bring Always on Display for smartphones

The post Canon suffers a Maze Ransomware attack, 10TB worth of Users’ data stolen appeared first on Gizmochina.

The novel Coronavirus has now become a global pandemic, disrupting global economy, human health, slowdown in business globally, as well as impacting daily life of billions of people around the world.

However, this has also created an environment where hackers, scammers, and spammers take advantage of vulnerable users and situation. With more and more people working from home with lower security networks compared to office setup, the risk of getting attacked is more.

Ransomware attacks, which are typically initiated through phishing, can cause mayhem for hospitals as attackers use encryption to block access to their own files and then demand digital currency payments for unlocking keys.

Last week, Brno University Hospital in the Czech Republic, which is also a major Covid-19 testing hub, suffered a ransomware attack that disrupted operations and caused surgery postponements. The Czech National Cyber Security Center and Czech law enforcement still have not fully restored digital services.

EDITOR’S PICK: Huawei P40 series flagship smartphones to reportedly launch in China on April 8th

Now, some Ransomware operators have said that they will no longer target health and medical organisations during the Coronavirus (COVID-19) pandemic. BleepingComputer reached out to several such groups in which DoppelPaymer responded and stated that they do not normally target hospitals or nursing homes and will continue this approach during the pandemic.

On the other hand, the Maze operators said that they will stop activities against all kinds of medical organisations until the end of the pandemic. Netwalker Ransomware claims that they don’t have a goal of attacking hospital and doubles down that “no one will purposefully hack into the hospital.”

Amid all these, several computer security companies, including Emsisoft and McAfee, have offered to assist medical research companies as well as hospitals fighting ransomware attacks during the Covid-19 outbreak.

UP NEXT: Honor 30S powered by Kirin 820 5G SoC appears on AnTuTu; Scores better than Snapdragon 765G chipset

(Source)

The post Ransomware Groups promise not to attack hospitals amid Coronavirus pandemic appeared first on Gizmochina.