Updated on 2022-12-29: PolyVice ransomware
SentinelOne has put out a report on PolyVice, a new ransomware strain variant that has been used in recent attacks carried out by the Vice Society ransomware group. Read more: Custom-Branded Ransomware: The Vice Society Group and the Threat of Outsourced Development
Updated on 2022-12-23
The Vice Society ransomware group has adopted a new ransomware called PolyVice to expand the scope of its attacks. The ransomware is in the early stages of development. Read more: Custom-Branded Ransomware: The Vice Society Group and the Threat of Outsourced Development
Updated on 2022-12-08
New report by Palo Alto Networks disclosed that over 40 educational institutions, including 15 in the U.S., suffered a Vice Society ransomware attack since its emergence in 2021. Read more: Vice Society: Profiling a Persistent Threat to the Education Sector
Updated on 2022-12-07
Palo Alto Networks has a profile on the Vice Society ransomware and extortion group and its obsession with the edu sector.
Updated on 2022-11-29
North Carolina-based Guilford College revealed that an October ransomware attack exposed the sensitive data of faculty, staff, and students. Vice Society ransomware claimed credits. Read more: North Carolina college confirms ransomware group stole sensitive data
#HiveLeaks #ransomware group claims to have #hacked Guilford College (@GuilfordCollege), a private liberal arts college in North Carolina, 🇺🇸… pic.twitter.com/3aAVM6aMms
— BetterCyber (@_bettercyber_) November 25, 2022
Updated on 2022-11-28
The Vice Society ransomware gang added the Cincinnati State College to its data leak site. The attack took place earlier this month and the college is still in the process of restoring systems and services. Read more: Cincinnati State College one of several schools added to ransomware leak sites on Thanksgiving
Updated on 2022-10-26
Microsoft connected the Vice Society ransomware gang to attacks involving multiple other ransomware strains, including BlackCat, Zeppelin, and QuantumLocker. Read more: DEV-0832 (Vice Society) opportunistic ransomware campaigns impacting US education sector
Updated on 2022-10-20
The Pierre-Rouquès-Les Bluets maternity hospital, Paris, recently informed that its computer systems were affected by a cyberattack on October 9. The attack was allegedly conducted by the Vice Society ransomware group. Read more: In Paris, the Bluets maternity hospital hit by a computer attack
Updated on 2022-10-13
The Mars Area School District, Pennsylvania, disclosed suffering a data breach, allegedly conducted by the Vice Society group. No other details have been released yet. Read more: Mars Area School District continuing investigation of recent data breach
Updated on October 2022: DEV-0832
Microsoft published a report on a threat actor it tracks as DEV-0832, a group that began by distributing versions of the BlackCat, QuantumLocker, and Zeppelin ransomware strains but is now managing the Vice Society operation. The group has gotten a lot of media attention lately due to its sustained campaign targeting the education sector. Read more: DEV-0832 (Vice Society) opportunistic ransomware campaigns impacting US education sector
Updated on July 2022: Vice Society group
Sekoia’s threat intel team has published a report on Vice Society, a cybercrime group that deploys ransomware created by other groups (such as Zeppelin and HelloKitty) but uses its own leak site to extort victims. Sekoia said that based on its analysis, it believes the group’s members are “English native speakers.”
