![dataloss logo](/images/dataloss-logo.png)
BreachExchange mailing list archives
Greenville in recovery phase from Robbinhood ransomware attack
From: Destry Winant <destry () riskbasedsecurity com>
Date: Mon, 29 Apr 2019 00:37:47 -0500
https://www.scmagazine.com/home/security-news/ransomware/greenville-in-recovery-phase-from-robbinhood-ransomware-attack/ The city of Greenville, N.C., said it is recovering from the April 10 ransomware attack that had effectively knocked the city offline, without having to resort to paying the ransom demand. City officials told WCTI12 the government network had been locked up by the relatively new Robbinhood ransomware, also known has Hidden Tear. There is a removal process for Robbinhood, which is normally injected into a target via a phishing attack, or sometimes with a browser hijacker, although it was not made clear how the city is going about deleting the ransomware. Greenville’s systems are not fully back online and city officials do not have a completion date for the process. In a Facebook post at the time of the attack city, officials said the incident began on April 10. Citing a Greenvile official, TheReflector.com reported that a ransom request had been received, but the city brought in cybersecurity help from other municipalities and was prepared to go a couple of days without computer support in order to investigate the situation. _______________________________________________ BreachExchange mailing list sponsored by Risk Based Security BreachExchange () lists riskbasedsecurity com If you wish to Edit your membership or Unsubscribe you can do so at the following link: https://lists.riskbasedsecurity.com/listinfo/breachexchange
Current thread:
- Greenville in recovery phase from Robbinhood ransomware attack Destry Winant (Apr 29)