Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Sead Fadilpašić

This ransomware gang used the emergency broadcast system to tell university students they've been attacked

Ransomware attack on a computer

Ransomware operators are always looking for novel ways to pressure their victims into paying their demands, and now we’ve seen the first time that an emergency broadcast system has been used for that purpose.

A ransomware group calling itself Avos recently compromised Bluefield University, a private institution in Virginia, housing roughly 900 students. 

In late April this year, the institution suffered a ransomware attack that forced it to postpone all exams. At the time, it said the attackers did not conduct financial fraud or identity theft: "Faculty and students can safely use and access MyBU, Canvas, and library resources through the universities website," explained Bluefield University.

Exerting pressure

But it seems as if the threat actors did manage to steal sensitive information, after the university’s emergency broadcast system, RamAlert, was used to send both the staff, and the students, a short message about the attack:

“We hacked the university network to exfiltrate 1.2 TB files," one message reads, as per a screenshot posted online. "We have admissions data from thousands of students. Your personal information is at risk to be leaked on the darkweb blog."

"DO NOT ALLOW the University to lie about severity of the attack! As proof we leak sample Monday May 1st 2023 18:00:00 GMT (2:00:00 PM)"

The group lived up to its word and posted a small sample in early May, which includes the University President’s W-2 tax form, and insurance policy-related documents. 

Through the years, ransomware operators have used all kinds of tactics to force victims into paying the ransom demand. Exfiltrating data and threatening to leak it online is yet another example. In some cases, the attackers would DDoS the company, as well, or would call the executives on their private telephones and threaten to release sensitive data on the dark web.

Via: BleepingComputer

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.