<cite id="h37lx"></cite>
<var id="h37lx"></var>
<var id="h37lx"></var>
<menuitem id="h37lx"><dl id="h37lx"><listing id="h37lx"></listing></dl></menuitem>
<cite id="h37lx"></cite>
<var id="h37lx"><noframes id="h37lx">
<var id="h37lx"><strike id="h37lx"><thead id="h37lx"></thead></strike></var>
<var id="h37lx"></var>
<var id="h37lx"><video id="h37lx"></video></var>
<ins id="h37lx"><span id="h37lx"><var id="h37lx"></var></span></ins>
<cite id="h37lx"></cite>
<var id="h37lx"></var>

Ransomware crooks who broke into Merseyrail used director's email address to brag about it – report

Hasn't stopped the trains, though


Brit railway company Merseyrail is understood to have suffered a ransomware attack – and the crooks responsible reportedly pwned a director's Office 365 account to email employees and journalists about it.

News of the breach was reported by BleepingComputer, which received one of those emails.

A spokesperson for the rail operator told us in a statement: “Merseyrail was recently subject to a cyber-attack. A full investigation has been launched and relevant authorities notified. This does not affect the operation of our services, which will continue to run as advertised.”

Merseyrail's network covers 68 stations around Liverpool, Birkenhead and Southport, stretching as far south as Chester.

It was claimed that the group responsible was the Lockbit gang, a relatively new organisation. Darktrace reckoned it was first seen in 2019 and leveraged tools such as PowerShell to compromise its victims. Darktrace reckoned that Lockbit's average ransom demand was $40,000.

A model of a time bomb: electronic timer connected to sticks of dynamite

Emotet malware self-destructs after cops deliver time-bomb DLL to infected Windows PCs

READ MORE

Describing a previous infection of one of its clients, Darktrace

Sophos carried out a technical analysis of Lockbit back in 2020, noting that the crew refuses to target victims from the Commonwealth of Independent States (basically the old Soviet Union). When deployed it tries to kill Windows processes, including products from Norton, Symantec, Sophos, and Qihoo360 as well as backup suites. It also persists after shutdown through a registry key.

The Information Commissioner's Office said it was aware of the ransomware attack at Merseyrail, which was last voted, for the second year running, as the UK's most reliable train operator. ?


Biting the hand that feeds IT ? 1998–2021

九九九免费观看视频,美女黄裸体无遮挡免费视频,香港经典A毛片免费观看播放,男人与女人性恔配免费