UPDATED 21:40 EDT / DECEMBER 30 2021

SECURITY

Vice Society hacks Norwegian newspaper, takes credit for Spar attack

The Vice Society ransomware gang has claimed responsibility for an attack on a U.K. Spar wholesaler earlier this month and is being linked to an attack on a Norwegian newspaper this week.

The first attack targeted Spar wholesaler James Hall & Co. on Dec. 6, resulting in Spar stores being unable to take card payments at some 600 stores across the north of England. Some Spar stores were forced to close from the ransomware attack, while others remained open but accepted only cash payments.

The form of ransomware used and the ransom demanded was not revealed by the company at the time. Now Vice Society has taken credit for the attack.

The group said on its dark web page that it had infected James Hall and & Co. along with Heron and Brearley, owner of Mannin Retail, which owns 19 Spar stores on the Isle of Man. In addition to taking credit for the attack, Vice Society dumped stolen files. Bank Info Security reported today that more than 93,000 stolen files were published by the gang, suggesting that neither company paid the ransom demanded in the attack.

Vice Society is also being linked to a new ransomware attack that targeted Norway-based media company Amedia AS, which publishes more than 70 newspapers. The attackers struck on Tuesday and forced the company to shut off its presses. As of Wednesday, the company said that it would “take time before the situation is normal.”

The attack on Amedia is believed to have involved the exploitation of the PrintNightmare vulnerability, a Windows security flaw revealed in July.

Vice Society, believed to be a spinoff of the HelloKitty ransomware gang, emerged earlier this year. It uses various methods to gain access to victims’ networks, including exploiting PrintNightmare.

According to HIPAA Journal, the gang is known for exfiltrating data from victims’ systems before using ransomware to encrypt files, a so-called double-tap ransomware attack. The data is then published on its data leak site to pressure victims into paying a ransom.

The gang was also behind an attack on United Health Centers, a medical services provider in California in August that resulted in the disruption of services and patient data theft. Vice Society took credit for the attack in September.

Image: Pixabay

A message from John Furrier, co-founder of SiliconANGLE:

Show your support for our mission by joining our Cube Club and Cube Event Community of experts. Join the community that includes Amazon Web Services and Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger and many more luminaries and experts.

Join Our Community 

Click here to join the free and open Startup Showcase event.

“TheCUBE is part of re:Invent, you know, you guys really are a part of the event and we really appreciate your coming here and I know people appreciate the content you create as well” – Andy Jassy

We really want to hear from you, and we’re looking forward to seeing you at the event and in theCUBE Club.

Click here to join the free and open Startup Showcase event.