Wednesday, November 13, 2024
Homecyber securityNew ‘Pryx’ Ransomware Hijacked 30,000 University Applications

New ‘Pryx’ Ransomware Hijacked 30,000 University Applications

Published on

Malware protection

A new player has emerged on the cybercrime landscape the ransomware group “Pryx.”

Pryx has claimed its first attack, announcing that it has compromised the systems of Rowan College at Burlington County (RCBC.edu) and stolen 30,000 university applications.

This announcement was made on their data leak site, accessible through the traditional internet and the dark web.

- Advertisement - SIEM as a Service

According to the report from Red Hot Cyber, the stolen data includes a wide range of sensitive information.

"Is Your System Under Attack? Try Cynet XDR: Automated Detection & Response for Endpoints, Networks, & Users!"- Free Demo

The compromised data encompasses general information such as legal names and NJ ReUp Program participation, contact details including email addresses and phone numbers, demographic information like Social Security Numbers (SSNs) and race, and citizenship and military affiliation.

Additionally, high school and college information, including graduation status and previous institutions attended, was also compromised.

Rowan College’s Reaction

Rowan College has not released any official statement regarding the incident on its website.

This silence makes it difficult to confirm the veracity of Pryx’s claims precisely.

The available information should be cautiously approached without an official response from the institution.

The absence of a formal statement from Rowan College underscores the urgency and severity of the situation, leaving students and applicants uncertain.

Implications of the Breach

The amount and nature of the exposed data are highly concerning.

Students’ personal information, including Social Security numbers and contact details, can be used for various fraudulent and illegal activities, such as identity theft.

The breach jeopardizes the privacy and security of the affected individuals and highlights the growing threat posed by ransomware groups like Pryx.

Pryx’s data leak site is a platform where the group publishes information about victims who have not paid the demanded ransom.

This site is publicly accessible online and, as is common among ransomware groups, also through the dark web.

The site features a menacing interface, dominated by the image of a spider web and the slogan “Get pryxed.”

The platform includes various sections, such as contact information, the public PGP key, all updates, and Pryx’s breaches and operations.

The site’s homepage invites visitors to “Get pryxed,” highlighting their intimidating and provocative approach.

The emergence of Pryx and their first attack represent a further development in the growing threat ransomware groups pose.

The absence of an official statement from Rowan College underscores the need to monitor this situation closely.

This article serves as an initial intelligence report, and future developments will be followed carefully to provide accurate and timely updates.

The academic community and cybersecurity experts must remain vigilant and proactive in addressing such threats to safeguard sensitive information and maintain trust in educational institutions.

Are you from SOC/DFIR Teams? - Sign up for a free ANY.RUN account! to Analyse Advanced Malware Files

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

Automating Identity and Access Management for Modern Enterprises

Keeping track of who has access and managing their permissions has gotten a lot...

Finding The Right E-Commerce Platform – Comparing Reselling Solutions

If you’re looking to make some extra cash or to start a business, you...

Fortinet Patches Critical Flaws That Affected Multiple Products

Fortinet, a leading cybersecurity provider, has issued patches for several critical vulnerabilities impacting multiple...

China-Nexus Actors Hijack Websites to Deliver Cobalt Strike malware

A Chinese state-sponsored threat group, identified as TAG-112, has been discovered hijacking Tibetan community...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

Fortinet Patches Critical Flaws That Affected Multiple Products

Fortinet, a leading cybersecurity provider, has issued patches for several critical vulnerabilities impacting multiple...

China-Nexus Actors Hijack Websites to Deliver Cobalt Strike malware

A Chinese state-sponsored threat group, identified as TAG-112, has been discovered hijacking Tibetan community...

Chrome 131 Released with the Fix for Multiple Vulnerabilities

The Chrome team has officially announced the release of Chrome 131 for Windows, Mac,...