At a glance.
- Minnesota school district hit with ransomware.
- Infected fake games: not all they’re cracked up to be.
Minnesota school district hit with ransomware.
The Minneapolis Public Schools District, located in the US state of Minnesota, suffered a ransomware attack that forced the district to cancel services last week. In preparation for students to return to their classrooms, school officials on Friday sent an email to parents and issued a public statement explaining that the district began experiencing technical issues on February 20 that resulted in the shutdown of school internet, phones, cameras, badge access, copiers/printers, and building alarms. “MPS experienced technical difficulties affecting the operability of certain computer systems related to what we now know is an encryption event,” officials stated. “MPS IT staff and external IT specialists have been working around the clock to investigate the source of this disruption and to confirm its impact on our systems.” By the time the statement was sent, many systems had been fully restored, and students were walked through a password reset process when they returned to school on Monday.
The Record from Recorded Future News notes that this is just the latest incident in a recent surge of attacks targeting educational institutions. The Cybersecurity and Infrastructure Security Agency (CISA) said the number of K-12 cyber incidents has risen from four hundred in 2018 to over thirteen hundred in 2021, and forty-five school districts totalling nearly two thousand schools were impacted by ransomware in 2022. CISA Director Jen Easterly stated, “As the mom of a student in high school, to be watching these hacks that have happened across the country — many of which we find out about, some of which we don’t — it’s one of the reasons why we have made K-12 school districts a priority this year, to work with them closely to help drive down risk.”
Infected fake games: not all they’re cracked up to be.
Bad news for game enthusiasts looking for easy access to hot games. HackRead reports that a new phishing campaign is using fake video game files to deploy malware. AhnLab Security Emergency Response Center (ASEC) has discovered a new ChromeLoader campaign in which hackers are embedding the malware in what appear to be fake versions, or “cracks,” of popular games on platforms including ROBLOX, Steam, and Nintendo. The researchers have dubbed the operation “uncommon” due to its ability to bypass antivirus programs and other cybersecurity mechanisms in order to evade detection. The fraudulent cracks for sought-after games like Elden Ring, Red Dead Redemption 2, Call of Duty, Portal 2, and Minecraft are actually VHD files that infect web browsers with ChromeLoader malware and redirect traffic to fake advertising websites. As Gearrice notes, the campaign’s use of VHD files is unusual, as cracked software is usually distributed through ISO files, which create a virtual optical disk drive on the PC, while VHD files create a virtual hard disk. The simplest way to avoid this hack is to do the right thing and only go for that authentic version of Mario Kart.