Go to listing page

Cyware Daily Threat Intelligence, July 12, 2022

Cyware Daily Threat Intelligence, July 12, 2022

Share Blog Post

Another French entity has been hit in less than 24 hours but this time it is a department in west-central France. No cybercriminal group has yet claimed responsibility for the attack as an investigation is underway. Parallelly, there are ransomware groups making stolen data searchable through filters. Karakurt and LockBit have joined the list with BlackCat to help other groups look for stolen information by filename or by content available in documents and images.

On the other side, fuel rebate scams have become prevalent in New York. Adversaries text victims on the behalf of New York officials and attempt to solicit their personal information in lieu of $1,500 fuel rebate offers.

Top Breaches Reported in the Last 24 Hours

AECP compromised patient data 
Montana-based Associated Eye Care Partners (AECP) has started informing victims of a ransomware attack that occurred at a third-party IT service provider, Netgain, in 2020. The investigation into the breach was wrapped up a couple of months back. It was found that hackers accessed patient information such as names, addresses, SSNs, and medical history.

Major cyberattack at a French department 
A cyberattack aimed at the department of Indre-et-Loire crippled all community services. People could no longer reach out to the department as the telephone and the internal messaging systems were impacted. While the nature of the cyberattack is yet to be determined, no hacker has either claimed the responsibility for the attack yet.

Top Malware Reported in the Last 24 Hours

Threat actors make data dumps searchable
After BlackCat, the LockBit group and Karakurt data extortion gang have also deployed a search function to their leak sites. Ransomware groups are adopting new strategies to force victim firms or individuals to make them pay quickly. BlackCat actors had stated that using such techniques makes it easier for other criminals to find stolen data and credentials.

Fake Google update contains ransomware
Trend Micro uncovered a new ransomware family dubbed HavanaCrypt that is being wrapped as a fake Google software update. Once the malware ensures a system that isn’t running in a VM, it downloads a file from Microsoft's web hosting service IP address and terminates over 80 processes.

Top Scams Reported in the Last 24 Hours

Fake invoice for extortion
Sygnia researchers laid bare the activities of the new Luna Moth group that extorts from victims without using any ransomware. The group launches phishing campaigns containing a fake invoice and convinces its target to install which gives hackers full control over the device. 

Fuel rebate scam hits New York
A new SMS-based scam is reaching out to people with a false claim of New York State offering $1,500 rebates owing to high fuel prices. The New York State Department of Motor Vehicles has warned residents about the scam that takes them to a fake DMV website where they are requested to share their personal data.


sms scams
indre et loire
havanacrypt ransomware
associated eye care partners
new york state department of motor vehicles dmv
fuel rebates
atera rat
lockbit ransomware
luna moth

Posted on: July 12, 2022

More from Cyware

Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.

The Virtual Cyber Fusion Suite