Mumbai: Ransomware hits Dadar CA’s office, demands payment in bitcoins for decryption

Mohamed Thaver reports:

A day after a Navi Mumbai hospital and hotel became targets of a ransomware attack, cyber fraudsters encrypted data belonging to a Dadar-based chartered accountant and demanded money to remove the block on the data on Monday. While the incident took place on Monday, the complainant, realised that his data has been blocked on Tuesday. “A case of ransomware was reported, following which, an FIR has been registered at the Bhoiwada police station,” said Deputy Commissioner of Police (Zone 4) N Ambika.

Read more on Indian Express.

Not surprisingly, I took special note of the reference to a hospital being attacked.  Later in the report Thaver notes:

On Sunday, the MGM hospital in Navi Mumbai was attacked by a ransomware. Its data was locked out and the fraudsters demanded payment in bitcoins.

But Thaver does not provide a follow-up and a Google search only reveals numerous sites reporting the attack on  Mahatma Gandhi Mission hospital. The attack apparently occurred on July 15 or thereabouts, and it’s somewhat surprising that there has been no real follow-up media coverage since then other than an early report that the hospital would not be paying the ransom. The only other tidbit I’ve found so far is that the attacker reportedly used an AOL account to make the demand and expected a reply to the AOL account. Unbelievable, right?

About the author: Dissent