US Health Dept Royal Ransomware

US Health Dept warns of Royal Ransomware targeting healthcare

A new alert from HHS warns hospitals and other healthcare facilities across the United States to be on the lookout for attacks by the Royal ransomware gang, which is relatively new to the scene. Months after being discovered in January 2022, Royal operators have rapidly increased their malevolent actions as of September 2022. Royal is a ransomware group notorious for systematically compromising U.S. hospitals and other healthcare facilities. At first, they used encryptors developed by other groups, such BlackCat. However, they rapidly began developing their own encryptors, the first of which was called Zeon and produced ransom notes similar to those used by the Conti group.

Following successful callback phishing assaults, the organization employs social engineering to get corporate victims to download and run remote access software. The gang frequently sends journalists compromising data via hacked Twitter accounts. Following infection, it encrypts the targets’ enterprise-level systems and demands ransom payments of $250,000 to $2 million. Other ransomware operations known to actively target healthcare companies across the United States have also been warned about by the federal government. For instance, HHS issued a warning about the impact of Venus ransomware on U.S. healthcare last month, and at least one organization has since been identified as a victim.

Source: bleepingcomputer