The Week in Ransomware – January 1st 2021


This holiday edition cover the latest ransomware news from the past two weeks, including known ransomware attacks and law enforcement takedowns.

Over the past two weeks, we have seen ransomware attacks on scent and flavor designed Symrise, FreePBX developer Sangoma, trucking giant Air Forward, and home appliance maker Whirlpool, 

Of particular interest is the Air Forward attack as it was done by the new Hades ransomware operation that began operating last month and has been busy racking up victims.

This week’s other big news is the law enforcement takedown of the Safe-Inet and Insorg VPN and proxy services known for catering to cybercriminal activity.

According to Europol, threat actors using these services included ransomware operations, skimming attacks, and more.

“Active for over a decade, Safe-Inet was being used by some of the world’s biggest cybercriminals, such as the ransomware operators responsible for ransomware, E-skimming breaches and other forms of serious cybercrime,” Europol stated in a press release about the operation.

Contributors and those who provided new ransomware information and stories this week include @FourOctets, @PolarToffee, @DanielGallagher, @malwrhunterteam, @LawrenceAbrams, @struppigel, @fwosar, @VK_Intel, @jorntvdw, @serghei, @demonslay335, @malwareforme, @Ionut_Ilascu, @Seifreed, @BleepinComputer, @AhnLab_SecuInfo, @chum1ng0, @siri_urz, @Kangxiaopao, @Jirehlov, @fbgwls245, @M_Shahpasandi, and @S2Wlab.

December 19th 2020

New ANCrypted Ransomware

M. Shahpasandi found a new ransomware called ANCrypted.


December 20th 2020

Flavors designer Symrise halts production after Clop ransomware attack

Flavor and fragrance developer Symrise has suffered a Clop ransomware attack where the attackers allegedly stole 500 GB of unencrypted files and encrypted close to 1,000 devices.

December 21st 2020

Trucking giant Forward Air hit by new Hades ransomware gang

Trucking and freight logistics company Forward Air has suffered a ransomware attack by a new ransomware gang that has impacted the company’s business operations.

The Institute for Security and Technology (IST) Launches Multi-Sector Ransomware Task Force (RTF)

The Institute for Security and…