The Egregor ransomware gang struck TransLink, the authority responsible for managing Metro Vancouver’s transportation network.On December 1, TransLink announced that certain issues were affecting its phones, online services and payment systems.The authority later confirmed that it had suffered a ransomware attack and that those responsible for the infection had used its printers to deliver their ransom note.Global BC reporter Jordan Armstrong confirmed this in his coverage of the security incident.Ransom letter that’s been rolling off the printers at @TransLink.Sources tell me, at this point, @TransLink does NOT intend to pay.— Jordan Armstrong (@jarmstrongbc) December 4, 2020
Bleeping Computer examined the ransom note and used it to attribute the attack to the Egregor ransomware gang.At the end of October 2020, the security community learned that many of Maze’s affiliates were moving over to Egregor after Maze’s handlers had announced that they were shutting down that ransomware strain’s operations.A few weeks after claiming Japanese video game developer Capcom as one of its victims, the Egregor ransomware crew drew attention to itself by hijacking its victims’ printers in order to deliver its ransom notes.Egregor is one of the many ransomware operations that maintains a data leaks site for publishing non-compliant victims’ stole ..
Support the originator by clicking the read the rest link below.
