New ‘Pryx’ Ransomware Hijacked 30,000 University Applications

A new player has emerged on the cybercrime landscape the ransomware group “Pryx.”

Pryx has claimed its first attack, announcing that it has compromised the systems of Rowan College at Burlington County (RCBC.edu) and stolen 30,000 university applications.

This announcement was made on their data leak site, accessible through the traditional internet and the dark web.

According to the report from Red Hot Cyber, the stolen data includes a wide range of sensitive information.

"Is Your System Under Attack? Try Cynet XDR: Automated Detection & Response for Endpoints, Networks, & Users!"- Free Demo

The compromised data encompasses general information such as legal names and NJ ReUp Program participation, contact details including email addresses and phone numbers, demographic information like Social Security Numbers (SSNs) and race, and citizenship and military affiliation.

Additionally, high school and college information, including graduation status and previous institutions attended, was also compromised.

Rowan College’s Reaction

Rowan College has not released any official statement regarding the incident on its website.

This silence makes it difficult to confirm the veracity of Pryx’s claims precisely.

The available information should be cautiously approached without an official response from the institution.

The absence of a formal statement from Rowan College underscores the urgency and severity of the situation, leaving students and applicants uncertain.

Implications of the Breach

The amount and nature of the exposed data are highly concerning.

Students’ personal information, including Social Security numbers and contact details, can be used for various fraudulent and illegal activities, such as identity theft.

The breach jeopardizes the privacy and security of the affected individuals and highlights the growing threat posed by ransomware groups like Pryx.

Pryx’s data leak site is a platform where the group publishes information about victims who have not paid the demanded ransom.

This site is publicly accessible online and, as is common among ransomware groups, also through the dark web.

The site features a menacing interface, dominated by the image of a spider web and the slogan “Get pryxed.”

The platform includes various sections, such as contact information, the public PGP key, all updates, and Pryx’s breaches and operations.

The site’s homepage invites visitors to “Get pryxed,” highlighting their intimidating and provocative approach.

The emergence of Pryx and their first attack represent a further development in the growing threat ransomware groups pose.

The absence of an official statement from Rowan College underscores the need to monitor this situation closely.

This article serves as an initial intelligence report, and future developments will be followed carefully to provide accurate and timely updates.

The academic community and cybersecurity experts must remain vigilant and proactive in addressing such threats to safeguard sensitive information and maintain trust in educational institutions.

Are you from SOC/DFIR Teams? - Sign up for a free ANY.RUN account! to Analyse Advanced Malware Files