Details about a Christmas-season ransomware attack on a global Christian organization became clearer this week as a cybercrime gang took credit for what appears to be a related theft of data.
The World Council of Churches, an inter-church organization, said on December 28 that it had been victimized by ransomware, but did not offer details about the attackers.
On Jan. 5 the Rhysida ransomware gang claimed to have attacked the Lutheran World Federation, one of the WCC's members.
A representative for the WCC, a fellowship of multiple Christian sects representing half a billion people worldwide, directed Recorded Future News to the December 28 statement confirming that the organization had been hit with ransomware.
Neither the Lutheran group nor the WCC specified that Rhysida was responsible for the incidents.
The gang is responsible for dozens of attacks on governments around the world as well as major companies like Sony.
The WCC, which has an administrative center in Geneva, Switzerland, said it was contacted by hackers on December 26, demanding a ransom for information accessed.
The organization contacted the Swiss police and other local law enforcement agencies to address the issue.
The Rhysida gang said it is ransoming the information it stole from the Lutheran group for 6 bitcoin, or about $280,000.
They put a seven-day timer for when the information will be released publicly.
Rhysida - named after centipedes - first emerged in late May 2023 and has already claimed major attacks on government institutions in Portugal, the Dominican Republic, Kuwait, Chile and the Caribbean island of Martinique.
Cybercrime organizations have increasingly targeted religious organizations in recent months.
Multiple churches and religious organizations were attacked last year, including South Carolina-based Relentless Church and Our Sunday Visitor, a Catholic publishing company that produces newsletters, religious books, pamphlets and more.
Recorded Future ransomware expert Allan Liska previously said that ransomware gangs attacked the Salvation Army in 2021 and one group listed 5 churches on their extortion site.
The Vatican and the Catholic Diocese of Hong Kong also were attacked in 2020.
Wiper malware found in analysis of Iran-linked attacks on Albanian institutions.
Jonathan has worked across the globe as a journalist since 2014.
Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia.
He previously covered cybersecurity at ZDNet and TechRepublic.
This Cyber News was published on therecord.media. Publication date: Mon, 08 Jan 2024 20:15:05 +0000