BlackCat Ransomware Attack Hits Florida International University and Betting Company
Table of Contents
- By Steven
- Apr 13, 2022
Darkfeed, a platform that monitors the darknet, recently revealed that BlackCat ransomware hackers stole in excess of one terabyte of information from Florida International University. The BlackCat ransomware also stole 300 gigabytes of SQL databases from the postsecondary educational institution. Furthermore, the hacking collective also struck a popular gambling site to boot.
What Happened to the University’s Stolen Information?
The information stolen from Florida International University was posted on the BlackCat darknet site for darknet users to access.
Why is the Hack an Issue in the Context of Digital Security?
The information stolen from the university is highly sensitive. The data posted to the darknet site includes the personal information of both Florida International University students and staffers. Even the students’ social security numbers were posted to the darknet.
Add in the fact that the hackers stole detailed information about the university’s accounting operations, finances, and contracts. There is even more reason for the institution to enhance its digital safeguards. The hack also extended to email databases, meaning the messages transmitted to and from the university’s staffers, administrators and students were illegally accessed.
How is BlackCat Ransomware Implemented?
BlackCat, likely a spinoff of the DarkSide and BlackMatter ransomware collectives, alter and re-deploys idiosyncratic exfiltration tools for the cyber attacks. The group’s primary hacking tool, referred to as Fender, has been enhanced to include several additional file types. The tool steals information directly from target networks. BlackCat ransomware hackers warn their targets that the stolen data will be published on their darknet website unless the requested money is paid by the deadline.
Which Betting Company was Also Struck by BlackCat?
BlackCat’s ransomware also successfully stole information from Bet9ja, an online gambling platform based in Nigeria. The betting specialist confirmed the attack this past Sunday. The ransomware hack caused a significant operations disruption. Some Bet9ja users reported they were unable to access their accounts as the attack unfolded.
What is Bet9ja’s Response to the Attack?
The Chief Executive Officer of Bet9ja issued a public statement after the BlackCat ransomware attack. Ojuroye’s statement was surprisingly positive in tone. The executive noted that the company’s user accounts, funds, and information were safe. Ojuroye also noted that cybercrime professionals and cyber forensics specialists are investigating the matter with the hope of quickly resolving it. However, he did not indicate the specific data stolen from the platform.
Interestingly, the gambling company admitted its website was experiencing technical problems earlier in the week that prevented users from accessing their accounts. Several media outlets have since reported that the platform’s services were quickly restored.
Has Blackcat Victimized Other Institutions?
Indeed, BlackCat has victimized several other groups. The hackers behind the attacks recently published stolen information plucked from the databases of educational institutions, including the Asian Institute of Technology, Technical State University, and North Carolina Agricultural State University. Transportadora de Gas del Sur, the top natural gas extraction business in Argentina, has also been victimized by a BlackCat attack.