Cyberattack on telecom giant Frontier claimed by RansomHub

An April cyberattack on a large telecommunications company has been claimed by a ransomware gang that is gaining steam as a cybercriminal operation.
On Saturday, the RansomHub operation posted Frontier Communications to its leak site claiming to have the sensitive information of more than 2 million people.
The group claimed it spent more than two months attempting to extort the company but never got a response.
Frontier did not respond to requests for comment but reported a cyber incident to the U.S. Securities and Exchange Commission in April.
The ransomware gang claimed it had access to names, addresses, Social Security numbers, credit scores and more.
Since emerging earlier this year, RansomHub has quickly taken credit for several high-profile incidents.
Hackers involved in the ransomware attack on Change Healthcare - which may involve the healthcare data of one-third of all Americans - are using the RansomHub platform to sell the stolen information.
Members of the group have also claimed attacks on Christie's, the world's largest auction house by revenue, and other organizations.
Experts from NCC Group said RansomHub was the third most prolific ransomware gang that operated in March, with at least 27 attacks.
The group's emergence has reinforced a longstanding assertion by security researchers that ransomware gangs are nebulous operations, with affiliates moving between different operations and selling stolen data or access to different groups.


This Cyber News was published on therecord.media. Publication date: Wed, 26 Jun 2024 19:14:03 +0000


Cyber News related to Cyberattack on telecom giant Frontier claimed by RansomHub

Cyberattack on telecom giant Frontier claimed by RansomHub - An April cyberattack on a large telecommunications company has been claimed by a ransomware gang that is gaining steam as a cybercriminal operation. On Saturday, the RansomHub operation posted Frontier Communications to its leak site claiming to have ...
10 months ago Therecord.media Ransomhub
Christie's confirms breach after RansomHub threatens to leak data - Christie's confirmed that it suffered a security incident earlier this month after the RansomHub extortion gang claimed responsibility and threatened to leak stolen data. Christie's is a prominent auction house with a history spanning 2.5 centuries. ...
10 months ago Bleepingcomputer.com Ransomhub
EvilCorp & RansomHub Working Together to Attack Organizations Worldwide - The attack progression typically follows a pattern of initial SocGholish infection, deployment of the VIPERTUNNEL backdoor, lateral movement through the network, data exfiltration, and finally, RansomHub ransomware deployment. Microsoft first ...
3 weeks ago Cybersecuritynews.com Ransomhub LockBit
RansomHub Ransomware-as-a-service Facing Internal Conflict as Affiliates Lost Access to Chat Portals - Unlike many competitors, RansomHub implemented a business model that directed ransom payments either directly to affiliates or split them at the point of transaction, significantly reducing the risk of “exit-scamming” – a common problem ...
1 week ago Cybersecuritynews.com Dragonforce Black Basta Ransomhub
Change Healthcare's New Ransomware Nightmare Goes From Bad to Worse - Change Healthcare is facing a new cybersecurity nightmare after a ransomware group began selling what it claims is Americans' sensitive medical and financial records stolen from the health care giant. RansomHub claimed it had health care data on ...
1 year ago Wired.com Ransomhub
RansomHub Evolves To Attack Windows, ESXi, Linux and FreeBSD Operating Systems - With RansomHub actively exploiting zero-day vulnerabilities and recruiting displaced ALPHV/LockBit affiliates, organizations must strengthen endpoint security and ensure backup isolation to prevent potential attacks. RansomHub ransomware group ...
2 months ago Cybersecuritynews.com CVE-2024-3400 CVE-2021-42278 CVE-2020-1472 LockBit Ransomhub
RansomHub’s EDRKillShifter Link With Other Well-Established Ransomware Gang’s - New Research - In May 2024, RansomHub introduced EDRKillShifter, a custom endpoint detection and response killer designed to terminate security products by abusing vulnerable drivers, effectively blinding defensive systems before encryption begins. ESET researchers ...
4 weeks ago Cybersecuritynews.com BianLian Medusa Ransomhub LockBit
RansomHub ransomware uses new Betruger ‘multi-function’ backdoor - The malware's capabilities include a wide range of capabilities that overlap with features commonly found in malicious tools dropped before deploying ransomware payloads, including keylogging, network scanning, privilege escalation, credential ...
1 month ago Bleepingcomputer.com Ransomhub
HackersEra Launches Telecom Penetration Testing to Eliminate Cyber Threats - Cybercriminals have attacked telecom infrastructure, particularly as it shifts to an IP-based design with the introduction of Long-Term Evolution networks, also referred to as LTE or 4G. Persistent attackers could spy on users' cellular networks and ...
1 year ago Cysecurity.news Inception
Understanding Each Link of the Cyberattack Impact Chain - It's often difficult to fully appreciate the impact of a successful cyberattack. Other consequences aren't so obvious - from a loss of customer trust and potential business to stolen data that may surface as part of another cyberattack years later. ...
1 year ago Securityboulevard.com
RansomHub Ransomware Group Compromised 84 Organization, New Groups Emerging - Cyfirma researchers noted a custom backdoor called “Betruger” being deployed in recent RansomHub operations, representing a significant evolution in ransomware tactics. Unlike some ransomware operations that rely heavily on publicly ...
1 week ago Cybersecuritynews.com Ransomhub
Change Healthcare Hit By Cyber Extortion Again - Change Healthcare, a subsidiary of UnitedHealth Group, has been facing renewed extortion from cybercriminals just a month after paying a ransom to prevent the release of data stolen in a February 2024 ransomware attack. The attack, orchestrated by ...
1 year ago Infosecurity-magazine.com Ransomhub
Albanian parliament, telecom company hit by cyberattacks - The Albanian parliament and a telecom company operating in the country were targeted by cyberattacks this week, the country's cyber agency said in a statement. Earlier this week, local media reported that during the attack on the parliament, hackers ...
1 year ago Therecord.media
Long Beach, California turns off IT systems after cyberattack - The Californian City of Long Beach is warning that they suffered a cyberattack on Tuesday that has led them to shut down portions of their IT network to prevent the attack's spread. Long Beach is the home to approximately 460,000 people and is the ...
1 year ago Bleepingcomputer.com
Mortgage giant Mr. Cooper hit by cyberattack impacting IT systems - U.S. mortgage lending giant Mr. Cooper was breached in a cyberattack that caused the company to shut down IT systems, including access to their online payment portal. Mr. Cooper is a mortgage lending company based out of Dallas, Texas, that employs ...
1 year ago Bleepingcomputer.com
Ohio Lottery hit by cyberattack claimed by DragonForce ransomware - The Ohio Lottery was forced to shut down some key systems after a cyberattack affected an undisclosed number of internal applications on Christmas Eve. While the incident is now under investigation, and the lottery is working to restore all impacted ...
1 year ago Bleepingcomputer.com Dragonforce
US mortgage lender loanDepot confirms ransomware attack - Leading U.S. mortgage lender loanDepot confirmed today that a cyber incident disclosed over the weekend was a ransomware attack that led to data encryption. LoanDepot is a major nonbank mortgage lender in the United States, with over $140 billion in ...
1 year ago Bleepingcomputer.com Akira
Guardians of Finance: loanDepot Confronts Alleged Ransomware Offensive - Among the leading lenders in the United States, loanDepot has confirmed that the cyber incident it announced over the weekend was a ransomware attack that encrypted data. In the United States, LoanDepot is one of the biggest nonbank mortgage lenders. ...
1 year ago Cysecurity.news
Nissan is investigating cyberattack and potential data breach - Japanese car maker Nissan is investigating a cyberattack that targeted its systems in Australia and New Zealand, which may have let hackers access personal information. Details of the attack have not been published but the company informed customers ...
1 year ago Bleepingcomputer.com
Eagers Automotive halts trading in response to cyberattack - Eagers Automotive has announced it suffered a cyberattack and was forced to halt trading on the stock exchange as it evaluates the impact of the incident. Eagers Automotive is the largest operator of car dealerships in Australia and New Zealand, with ...
1 year ago Bleepingcomputer.com Akira Dragonforce
Memorial University recovers from cyberattack, delays semester start - The Memorial University of Newfoundland continues to deal with the effects of a cyberattack that occurred in late December and postponed the start of classes in one campus. MUN is the largest public university in Atlantic Canada, with an academic and ...
1 year ago Bleepingcomputer.com Dragonforce
Cyberattack on health services provider impacts 5 Canadian hospitals - A cyberattack on shared service provider TransForm has impacted operations in five hospitals in Ontario, Canada, impacting patient care and causing appointments to be rescheduled. TransForm is a not-for-profit, shared service organization founded by ...
1 year ago Bleepingcomputer.com
The internet is already scary enough without April Fool's jokes - Thankfully in the security world, I think we've all gotten the hint at this point that we can't just post whatever we want on April 1 of each calendar year and expect people to get the joke. I've put my guard down so much at this point that I ...
1 year ago Blog.talosintelligence.com Hunters Ransomhub
SocGholish Leveraging Compromised Websites To Deploy RansomHub Ransomware - Security experts recommend implementing robust web filtering solutions, keeping browsers updated, and training users to recognize fake update notifications as critical mitigation strategies against this evolving threat. The infection begins when ...
1 month ago Cybersecuritynews.com Ransomhub
TRAI Updates Regulations to Prevent SIM Swap Fraud in Telecom Porting - The Telecom Regulatory Authority of India recently announced updated regulations aimed at combating SIM swap fraud in the telecom sector. The TRAI highlighted that this measure is part of its broader efforts to address concerns related to fraudulent ...
1 year ago Cysecurity.news

Latest Cyber News


Cyber Trends (last 7 days)