Boyne Resorts, a company that owns and manages mountain and lakeside resorts, ski resorts and attractions in USA, accepted attack by WastedLocker ransomware, affecting reservation systems. According to BleepingComputer, the ransomware first broke into the company's offices and then moved sideways targeting systems IT of the resorts that operate. As a result of the attack, the company was forced to shut down parts of its network, to prevent further spread of ransomware. The company's customers could not make reservations at the resorts managed by the company.
Archives included in the company's systems were encrypted by ransomware, while changing their names with the addition of the extension .Easy2lock, which has previously been linked to WastedLocker ransomware infections.
In July, Smartwatch and mobile device maker Garmin had to disable some of the online ones services as well as their call centers following a WastedLocker ransomware attack. In addition, in June, Symantec security experts reported that at least 31 organizations have been targeted with the recently discovered WastedLocker ransomware.
Researchers from the NCC Group report and later Symantec confirmed that malware developed by the Russian hacking Evil Corp., which is behind Dridex trojan and many ransomware such as Locky, Bart, Jaff and BitPaymer. Most of the victims belong to the construction industry, followed by the IT, media and telecommunications sectors.
With the group operating in cyberspace at least since 2007, the US Treasury Department imposed sanctions on Evil Corp in December 2019 for causing damage of at least $ 100.000.000.
The US Department of Justice (DoJ) has charged 32-year-old Russian Maksim V. and 38-year-old Russian Igor Turashev with distributing the infamous Dridex banking trojan and for their participation in international programs fraud and bank hacking.