Phishing Watchdog – Stay Safe with Instant Alerts

Sandhills online machinery markets shut down by ransomware attack

2nd October 2021 | Target: Sandhills | Reported Here

Popular online auction bidding sites for farm equipment and farmland were the victims of a recent ransomware attack. As a result, sites such as TractorHouse, EquipmentFacts, AuctionTime and HiBid have been offline since Friday.

Over the weekend, the Lincoln Journal Star confirmed Sandhills Global, which hosts various online auction websites, was the target of a ransomware attack.


[above via The Packer post] Update 1 / Update 2 


Hydra malware targets customers of Germany’s second largest bank

1st October 2021 | Target: Commerzbank | Reported Here

Experts warn of a malware campaign targeting European e-banking platform users with the Hydra banking trojan. According to malware researchers from the MalwareHunterTeam and Cyble, the new campaign mainly impacted the customers of Commerzbank, Germany’s second-largest bank. Hydra is an Android Banking Bot that has been active at least since early 2019.


[above via Security Affairs post]


Hackers Compromise Website, Promoting Giveaway Scam

23rd September 2021 | Target: | Reported Here

, one of the first websites about Bitcoin (BTC), has been hacked by online scammers and is down as of the time of writing.

Cobra,’s anonymous curator, announced on Sept. 23 that was compromised, with hackers managing to put up a scam notice on the site.

“Looks like got hacked and the entire site replaced with a scam asking for free Bitcoin. Do not send funds to that address,” Bitcoin developer Matt Corallo reported on Twitter.


[above via Cointelegraph post] Update 1 / Update 2


Marketron Hit With Cyberattack. Virtually All Of Its Systems Are Offline.

20th September 2021 | Target: Marketron Broadcast Solutions | Reported Here

The BlackMatter ransomware gang hit Marketron over the weekend. Marketron is a business software solutions provider that serves more than 6,000 customers in the media industry.

Marketron provides cloud-based revenue and traffic management tools for broadcast and media organizations. It specializes in revenue management and audience engagement, handling advertising revenue of $5 billion every year.



[above via Bleeping Computer post] Update 1


Horizon House notifying patients of ransomware attack in March

20th September 2021 | Target: Horizon House, Inc | Reported Here

Data breaches at two American mental healthcare providers may have exposed thousands of individuals’ personal health information (PHI).

Horizon House, Inc., which is in Philadelphia, Pennsylvania, warned that 27,823 people might have been impacted by a cyber-attack that took place in the late winter.

The mental health and residential treatment services provider detected suspicious activity on its IT network on March 5. An investigation revealed that the healthcare provider’s IT system had been infected with ransomware.


[above via Infosecurity Magazine post]


US Eye-Care Providers Report Data Breaches

20th September 2021 | Target: Simon Eye Management | Reported Here

Simon Eye, a US chain of optometry clinics, has reported a data breach potentially impacting more than 144,000 individuals.

The possible compromise of sensitive personal data arose from unauthorized access to employee email accounts over a seven-day period between May 12-18, 2021, according to a data breach notice on the Simon Eye website.

Simon Eye said the attackers “attempted to engage in wire transfer and invoice manipulation attacks against the company, none of which were successful”.


[above via PortSwigger post] Update 1


New Cooperative hit by $5.9M BlackMatter ransomware attack

20th September 2021 | Target: New Cooperative | Reported Here

U.S. farmers cooperative NEW Cooperative has suffered a BlackMatter ransomware attack, with the attackers demanding $5.9 million in exchange for not leaking stolen data and for providing a decryptor.

NEW Cooperative is a farmer’s feed and grain cooperative with over sixty locations throughout Iowa.

In a weekend ransomware attack, the threat actors demand a 5.9 million dollar ransom, which will increase to $11.8 million if a ransom is not paid in five days.

These ransom demands are a starting point for negotiations and usually lead to significantly smaller payments if a victim decides to pay.


[above via Bleeping Computer post] Update 1 / Update 2 


Republican Governors Association was hacked earlier this year

16th September 2021 | Target: Republican Governors Association (RGA) | Reported Here

The Republican Governors Association (RGA) revealed in data breach notification letters sent last week that its servers were breached during an extensive Microsoft Exchange hacking campaign that hit organizations worldwide in March 2021.

RGA is a US political organization and a tax-exempt 527 group that provides Republican candidates with the campaign resources needed to get elected as governors across the country.


[above via Bleeping Computer post] Update 1 / Update 2


Customer Care Giant TTEC Hit By Ransomware

15th September 2021 | Target: TTEC | Reported Here

US customer experience technology giant TTEC has announced a “cybersecurity incident”, confirming to employees that it was hit with ransomware.

The company, with nearly 61,000 employees and billions in annual revenue, sent a message to employees this week warning them not to click on a link titled “!RA!G!N!A!R!”, according to KrebsOnSecurity. The message indicates that the attack may have been launched by the prolific Ragnar Locker ransomware group or by someone trying to impersonate them.



[above via ZDNet post] Update 1


Ransomware scammers target artists with fake Krita revenue deals

14th September 2021 | Target: Krita | Reported Here

The Krita digital painting application is currently being targeted by ransomware authors. Available on Steam and other platforms, it’s a powerful tool with a very cheap purchase price and great reviews. A perfect bit of bait to start reeling in potential victims, in other words.


[above via Malwarebytes post] Update 1