Sunday, July 14, 2024
EHA

New ‘Pryx’ Ransomware Hijacked 30,000 University Applications

A new player has emerged on the cybercrime landscape the ransomware group “Pryx.”

Pryx has claimed its first attack, announcing that it has compromised the systems of Rowan College at Burlington County (RCBC.edu) and stolen 30,000 university applications.

This announcement was made on their data leak site, accessible through the traditional internet and the dark web.

According to the report from Red Hot Cyber, the stolen data includes a wide range of sensitive information.

"Is Your System Under Attack? Try Cynet XDR: Automated Detection & Response for Endpoints, Networks, & Users!"- Free Demo

The compromised data encompasses general information such as legal names and NJ ReUp Program participation, contact details including email addresses and phone numbers, demographic information like Social Security Numbers (SSNs) and race, and citizenship and military affiliation.

Additionally, high school and college information, including graduation status and previous institutions attended, was also compromised.

Rowan College’s Reaction

Rowan College has not released any official statement regarding the incident on its website.

This silence makes it difficult to confirm the veracity of Pryx’s claims precisely.

The available information should be cautiously approached without an official response from the institution.

The absence of a formal statement from Rowan College underscores the urgency and severity of the situation, leaving students and applicants uncertain.

Implications of the Breach

The amount and nature of the exposed data are highly concerning.

Students’ personal information, including Social Security numbers and contact details, can be used for various fraudulent and illegal activities, such as identity theft.

The breach jeopardizes the privacy and security of the affected individuals and highlights the growing threat posed by ransomware groups like Pryx.

Pryx’s data leak site is a platform where the group publishes information about victims who have not paid the demanded ransom.

This site is publicly accessible online and, as is common among ransomware groups, also through the dark web.

The site features a menacing interface, dominated by the image of a spider web and the slogan “Get pryxed.”

The platform includes various sections, such as contact information, the public PGP key, all updates, and Pryx’s breaches and operations.

The site’s homepage invites visitors to “Get pryxed,” highlighting their intimidating and provocative approach.

The emergence of Pryx and their first attack represent a further development in the growing threat ransomware groups pose.

The absence of an official statement from Rowan College underscores the need to monitor this situation closely.

This article serves as an initial intelligence report, and future developments will be followed carefully to provide accurate and timely updates.

The academic community and cybersecurity experts must remain vigilant and proactive in addressing such threats to safeguard sensitive information and maintain trust in educational institutions.

Are you from SOC/DFIR Teams? - Sign up for a free ANY.RUN account! to Analyse Advanced Malware Files

Website

Latest articles

mSpy Data Breach: Millions of Customers’ Data Exposed

mSpy, a widely used phone spyware application, has suffered a significant data breach, exposing...

Advance Auto Parts Cyber Attack: Over 2 Million Users Data Exposed

RALEIGH, NC—Advance Stores Company, Incorporated, a prominent commercial entity in the automotive industry, has...

Hackers Using ClickFix Social Engineering Tactics to Deploy Malware

Cybersecurity researchers at McAfee Labs have uncovered a sophisticated new method of malware delivery,...

Coyote Banking Trojan Attacking Windows Users To Steal Login Details

Hackers use Banking Trojans to steal sensitive financial information. These Trojans can also intercept...

Hackers Created 700+ Fake Domains to Sell Olympic Games Tickets

As the world eagerly anticipates the Olympic Games Paris 2024, a cybersecurity threat has...

Japanese Space Agency Spotted zero-day via Microsoft 365 Services

The Japan Aerospace Exploration Agency (JAXA) has revealed details of a cybersecurity incident that...

Top 10 Active Directory Management Tools – 2024

Active Directory Management Tools are essential for IT administrators to manage and secure Active...
Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Free Webinar

Low Rate DDoS Attack

9 of 10 sites on the AppTrana network have faced a DDoS attack in the last 30 days.
Some DDoS attacks could readily be blocked by rate-limiting, IP reputation checks and other basic mitigation methods.
More than 50% of the DDoS attacks are employing botnets to send slow DDoS attacks where millions of IPs are being employed to send one or two requests per minute..
Key takeaways include:

  • The mechanics of a low-DDoS attack
  • Fundamentals of behavioural AI and rate-limiting
  • Surgical mitigation actions to minimize false positives
  • Role of managed services in DDoS monitoring

Related Articles