{"id":17471,"date":"2020-06-08T09:06:45","date_gmt":"2020-06-08T13:06:45","guid":{"rendered":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/?p=17471"},"modified":"2022-10-14T18:26:44","modified_gmt":"2022-10-14T22:26:44","slug":"two-more-universities-hit-with-netwalker-ransomware","status":"publish","type":"post","link":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/security\/two-more-universities-hit-with-netwalker-ransomware.html","title":{"rendered":"Two More Universities Hit with NetWalker Ransomware"},"content":{"rendered":"\n

As we have written in the past \u2013 ransomware has become Extortionware<\/a> and most recently has an affiliate program<\/a>. NetWalker ransomware has generous payouts allowing an affiliate to earn more than a million dollars if they can infect a large organization. Recently, Michigan State University was hacked<\/a> with this Extortionware. In addition, University of California San Francisco (UCSF) and Columbia College Chicago have been infected. Columbia was founded in 1890, it has around six-thousand students and can cost $45,644 per year to attend before financial aid. Many of the degrees are entertainment related such as Acoustics, Arts management and Audio Arts.<\/p>\n\n\n\n

The latter two colleges are said to have paid<\/a>\nthe ransom before information was leaked on the internet but it is now owned by\nthe hackers and it is unknown if it could be used to extort from them in the\nfuture. It is also unknown if information contained in the stolen information\ncan or will be used to extort from others.<\/p>\n\n\n\n

NetWalker<\/a>\nwas discovered in August 2019 by ID\nRansomware<\/a>, according to BleepingComputer<\/a>. It was initially named Mailto based on\nthe extension that was appended to encrypted files, but ransomware recovery\ncompany Coveware<\/a> later\ndiscovered a decryptor for the ransomware that indicated that the developer\u2019s\nname for the infection was NetWalker.<\/p>\n\n\n\n

NetWalker compromises networks and encrypts all Windows devices connected to them, BleepingComputer indicated. When executed, NetWalker uses an embedded configuration that includes a ransom note template, ransom note file names and various configuration options.<\/p>\n\n\n\n

To keep your organization secure be sure to schedule regular cybersecurity assessments<\/a>. <\/p>\n\n\n\n

See the ONLY cybersecurity companies that matter <\/a>at the <\/strong>ITEXPO<\/strong><\/a> #TECHSUPERSHOW<\/strong>. Watch the video below for more.<\/p>\n\n\n\n

This Event has been called the BEST SHOW in 5 YEARS<\/strong> and the Best TECHNOLOGY EVENT of 2020<\/strong><\/a>.<\/p><\/blockquote>\n\n\n\n

2020 participants included: Amazon, Cisco, Google, IBM, ClearlyIP, Avaya, Vonage, 8\u00d78, Comcast Business, BlueJeans, CoreDial, Dell, Edify, Epygi, FreeSWITCH, Grandstream, Granite, Intrado, Frontier Business, Fujitsu, Jenne, West, Konftel, Intelisys, Martello, NetSapiens, OOMA, Oracle, OpenVox, Peerless Network, Phone Sentry, Phone.com, Poly, QuestBlue, RingByName, Sangoma, SingTel, SkySwitch, Spracht, Spectrum, Sprint, Tallac, Tech Data, Telarus, TCG, Teledynamics, Teli, Telinta, Telispire, Telstra, TransNexus, Unified Office, Vital PBX, VoIP Supply, Voxbone, VoIP.MS, Windstream, XCALY, XORCOM, Yealink, Yubox, and ZYCOO. Full List.<\/strong><\/a><\/p>\n\n\n\n

Join 8K others with $25B+ in IT buying power who plan 2021 budgets! Including 3,500+ resellers!<\/strong><\/p>\n\n\n\n

A unique experience with a collocated Future of Work Expo<\/a>, SD-WAN Expo<\/a>, and MSP Expo<\/a>\u2026<\/p>\n\n\n\n

June 22-25, 2021, Miami\u00a0Register now<\/a>\u00a0and you could win a Tesla on Feb 12th.<\/p>\n\n\n\n

\n