Another COVID-19 Research Firm Targeted by Ransomware Attack
The Hammersmith Medicines Research (HMR) facility in London is not the only firm working on research to understand or treat COVID-19 that has been recently attacked with ransomware. While Maze Team attacked HMR in March, another team using Sodinokibi ransomware (the REvil team) was attacking 10x Genomics in California. The attack was disclosed on April 1 by the firm in their SEC filing.
On an .onion site, the attackers (known as REvil) posted a screenshot of the directory of folders, with a note: “We download more then 1 TB data from your secure disk/netapp/scada. If you doesnt contact with us we willl publish first part in 3 days. CYA.”
They then did publish/dump some files, but the hosting sites they uploaded the files to removed the files for violation of TOS.