Notorious Russian ransomware group AlphV has claimed to have launched cyber attacks on Victorian companies.
Their claims extend further, stating that they have access to 4.95 terabytes of company data from this campaign of cyber attacks.
The ransomware group, operating from the shadows of the dark web, shared its intention on its channel, where it claimed to have targeted four major organizations.
According to their claims, the four prominent entities include TissuPath, a highly regarded pathology firm; Strata Plan, a prominent owners corporation service provider; Barry Plant Blackburn, a reputable name in the real estate sector; and Tisher Liner FC Law, a distinguished legal firm specializing in business and property matters.
AlphV launches cyber attacks on Victorian companies
The AlphV ransomware gang stated that they have successfully launched cyber attacks on Victorian companies and have stolen 4.95 terabytes of company data.
The threat actor’s post read, “Due to your representatives’ refusal to negotiate, we are launching a campaign involving email distribution and calls to your clients. Your clients will be offered the option to pay a fee for removing their data from the public leak. You still have a chance to prevent a catastrophe. 72 hours.”
TissuPath, one of the victims in this series of cyber attacks on Victorian companies, has issued a data breach notice on their website.
The notice states that they have experienced a cybersecurity incident and currently “investigating a data breach at a third-party IT supplier involving pathology referrals issued to TissuPath between 2011 and 2020.”
Exposed data includes scanned pathology request forms containing sensitive information such as patient names, dates of birth, contact details, Medicare numbers, and private health insurance details.
However, TissuPath reassures that critical databases housing patient diagnoses remain uncompromised. Importantly, the company does not store financial information or other sensitive personal documents.
To learn more about these alleged cyber attacks on Victorian companies, The Cyber Express reached out to the rest of the victims listed by the AlphV ransomware gang. However, at the time of writing this, no official response or statement had been received from the companies.
AlphV ransomware gang cyber attack plans and origins
Notably, TissuPath, Strata Plan, and Barry Plant Blackburn were among the clientele of Core Desktop, a South Melbourne-based company enlisted for its IT services.
The ABC News, which initially reported the cyber attacks on Victorian companies, has acquired a message from Core Desktop sent to its patrons, disclosing the date of discovery as August 22, 2023.
The AlphV ransomware gang, on the other hand, has only gotten stronger since its inception.
The Russian ransomware group marks a significant milestone as the first known ransomware coded in Rust. The malware necessitates an access token of 32 bytes (via the –access-token parameter), with the option to specify additional parameters.
This ransomware is equipped with an encrypted configuration containing a catalog of services/processes slated for termination, a whitelist of directories/files/file extensions, and a register of pilfer credentials from the victimized system.
Its modus operandi includes erasing all the Volume Shadow Copies, executing privilege escalation through the CMSTPLUA COM interface, and enabling “remote to local” and “remote to remote” symbolic links on the target machine.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
