Tuesday, February 18, 2025
Homecyber securityNew ‘Pryx’ Ransomware Hijacked 30,000 University Applications

New ‘Pryx’ Ransomware Hijacked 30,000 University Applications

Published on

SIEM as a Service

Follow Us on Google News

A new player has emerged on the cybercrime landscape the ransomware group “Pryx.”

Pryx has claimed its first attack, announcing that it has compromised the systems of Rowan College at Burlington County (RCBC.edu) and stolen 30,000 university applications.

This announcement was made on their data leak site, accessible through the traditional internet and the dark web.

According to the report from Red Hot Cyber, the stolen data includes a wide range of sensitive information.

"Is Your System Under Attack? Try Cynet XDR: Automated Detection & Response for Endpoints, Networks, & Users!"- Free Demo

The compromised data encompasses general information such as legal names and NJ ReUp Program participation, contact details including email addresses and phone numbers, demographic information like Social Security Numbers (SSNs) and race, and citizenship and military affiliation.

Additionally, high school and college information, including graduation status and previous institutions attended, was also compromised.

Rowan College’s Reaction

Rowan College has not released any official statement regarding the incident on its website.

This silence makes it difficult to confirm the veracity of Pryx’s claims precisely.

The available information should be cautiously approached without an official response from the institution.

The absence of a formal statement from Rowan College underscores the urgency and severity of the situation, leaving students and applicants uncertain.

Implications of the Breach

The amount and nature of the exposed data are highly concerning.

Students’ personal information, including Social Security numbers and contact details, can be used for various fraudulent and illegal activities, such as identity theft.

The breach jeopardizes the privacy and security of the affected individuals and highlights the growing threat posed by ransomware groups like Pryx.

Pryx’s data leak site is a platform where the group publishes information about victims who have not paid the demanded ransom.

This site is publicly accessible online and, as is common among ransomware groups, also through the dark web.

The site features a menacing interface, dominated by the image of a spider web and the slogan “Get pryxed.”

The platform includes various sections, such as contact information, the public PGP key, all updates, and Pryx’s breaches and operations.

The site’s homepage invites visitors to “Get pryxed,” highlighting their intimidating and provocative approach.

The emergence of Pryx and their first attack represent a further development in the growing threat ransomware groups pose.

The absence of an official statement from Rowan College underscores the need to monitor this situation closely.

This article serves as an initial intelligence report, and future developments will be followed carefully to provide accurate and timely updates.

The academic community and cybersecurity experts must remain vigilant and proactive in addressing such threats to safeguard sensitive information and maintain trust in educational institutions.

Are you from SOC/DFIR Teams? - Sign up for a free ANY.RUN account! to Analyse Advanced Malware Files

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

Highly Obfuscated .NET sectopRAT Mimic as Chrome Extension

SectopRAT, also known as Arechclient2, is a sophisticated Remote Access Trojan (RAT) developed using...

Threat Actors Trojanize Popular Games to Evade Security and Infect Systems

A sophisticated malware campaign was launched by cybercriminals, targeting users through trojanized versions of...

New Research Aims to Strengthen MITRE ATT&CK for Evolving Cyber Threats

A recent study by researchers from the National University of Singapore and NCS Cyber...

New LLM Vulnerability Exposes AI Models Like ChatGPT to Exploitation

A significant vulnerability has been identified in large language models (LLMs) such as ChatGPT,...

Supply Chain Attack Prevention

Free Webinar - Supply Chain Attack Prevention

Recent attacks like Polyfill[.]io show how compromised third-party components become backdoors for hackers. PCI DSS 4.0’s Requirement 6.4.3 mandates stricter browser script controls, while Requirement 12.8 focuses on securing third-party providers.

Join Vivekanand Gopalan (VP of Products – Indusface) and Phani Deepak Akella (VP of Marketing – Indusface) as they break down these compliance requirements and share strategies to protect your applications from supply chain attacks.

Discussion points

Meeting PCI DSS 4.0 mandates.
Blocking malicious components and unauthorized JavaScript execution.
PIdentifying attack surfaces from third-party dependencies.
Preventing man-in-the-browser attacks with proactive monitoring.

More like this

Highly Obfuscated .NET sectopRAT Mimic as Chrome Extension

SectopRAT, also known as Arechclient2, is a sophisticated Remote Access Trojan (RAT) developed using...

Threat Actors Trojanize Popular Games to Evade Security and Infect Systems

A sophisticated malware campaign was launched by cybercriminals, targeting users through trojanized versions of...

New Research Aims to Strengthen MITRE ATT&CK for Evolving Cyber Threats

A recent study by researchers from the National University of Singapore and NCS Cyber...