Category: Ransom Monitor

Stalwart Development Group LLC reports a ransomware claim attributed to the threat actor nightspire, with data about the incident currently unavailable. The claim indicates the United States as the impacted country #UnitedStates

Threat actor ‘handala’ is claiming a ransomware incident against the victim Handala New Telegram and promoting it through linked channels. The message urges readers to join and share the links https://t.me/HANDALA_HPR2 https://t.me/HANDALA_HPR2 https://t.me/HANDALA_HPR2 as part of the campaign #Unknown

Anubis claims Ladue Family Dental in the United States has been hit by a ransomware operation, announcing a leak with the tagline ‘A major leak of smiles..’. The claim suggests exposure of patient data and internal systems as part of the attack. #UnitedStates

The ransomware claim identifies the victim as AFDL and attributes the attack to the threat actor qilin. The country impacted by the incident is not specified in the report #unknown

Dragonforce claims to have breached Northern Family Farms, a Merrillan, WI-based wholesale supplier of Christmas trees and nursery plants since 1955, encrypting systems and demanding a ransom to restore access. The claim highlights the company’s nationwide distributor network and warns that disruptions could affect customers across the United States if payment is not made.

#UnitedStates

A ransomware claim involving CPG Documentation in the United States has been attributed to the threat actor nightspire. Data is not available now. #UnitedStates

This ransomware claim alleges that Don E Bower was targeted by a threat actor identified as ‘play’ operating in the United States. The incident reportedly involved file encryption and a ransom demand, with attribution tied to the United States-based actor #UnitedStates

A ransomware claim targets victim T a Solberg in Norway, attributed to the threat actor ‘play’ based in the United States, demanding payment for data decryption. Attribution ties the actor to the United States and confirms Norway as the impacted country #Norway

Akira threatens to upload 50GB of WAG Funktion Design GmbH’s corporate data, including employee personal documents (German passports, medical information), projects, contracts, and NDAs. The claim targets Germany as the impacted country and warns of data exposure unless demands are met #Germany

Akira, a ransomware threat actor, claims it will upload 10 GB of Verdugo Tool & Engineering’s corporate data, including employee personal documents, HR files, projects, contracts, confidentiality agreements, and NDAs.
Verdugo Tool & Engineering is a US-based sheet metal stamping specialist serving aerospace, defense, automotive, medical, and commercial industries for over 50 years.
#UnitedStates

The ransomware claim involves Cheongdam OracleClinic in South Korea, attributed to the threat actor qilin. Details about the attack, including the initial access vector and impact, are listed as N/A.
#SouthKorea

A ransomware claim alleges that the victim domain northstaria.com in the United States was compromised by the threat actor incransom. The affected organization is North Star Insurance Advisors, described as a leading final expense telesales company in America with 200 employees and $44.9 million in revenue. #UnitedStates

The ransomware claim targets Nopa Industriearmaturen in Germany and is attributed to the threat actor qilin. The attackers claim to have encrypted systems and threaten data exfiltration unless a ransom is paid. #Germany

The ransomware claim by incransom alleges parkerlipman.com, the Parker Lipman LLP law firm based in Denver, United States, was compromised and data would be exposed or encrypted unless a ransom is paid. Parker Lipman LLP is described as a premiere Denver personal injury firm and continues to offer representation in personal injury and accidents, inviting clients to contact their experienced attorneys. #UnitedStates