RansomExx Ransomware hit MNH Health Insurance Company!

RansomExx Ransomware hit MNH Health Insurance Company!

Today, a French health insurance company named Mutuelle Nationale des Hospitaliers founded that they are the victim of a ransomware attack that was infected their organization.

MNH is the 1st mutual fund organization established in France and provides health insurance services and other plans that were focused on the health sector.

After this attack, the MNH has website shows a notice that displays that they are affected by a cyberattack on 5th February, and therefore for security reasons their websites and telephone platform are unavailable.

CEO of MNH Gerarf Vuidepot state that, MNH was attacked on Friday and their system was disconnected from the network while protecting the data. He also says that our website that includes mnh.fr, member area, and our telephone connections are temporarily unavailable. The investigation is going on and we all taking all the steps needed to control this action.

Whereas, two days ago a security expert has shared a Tor web page that shows the demand of ransomware negotiation for MNH attack.

The shared page is linked to mnh.fr and displays how the attackers will negotiate with the company. They also suggest MNH use the protonmail account while sending the money and without informing the police and other law enforcement agencies.

RansomExx Ransomware hit MNH Health Insurance Company

How does this Begin? 

This entire operation is called as RansomExx an updated version of Defray777 ransomware.

According to the experts, this ransomware group has been activated from 2018 and that are executing the attacks in June 2020 when the updates of RansomExx began and start targeting high-profile companies.

RansomExx is similar to other human-operated ransomware operations, that compromise the network and start stealing the encrypted files. They all are working to get the administrator access and after that, they execute the attack and encrypt all the devices that are connected to the network.

Summering Up

RansomExx is also created in Linux operating system and the attacker ensures that they can target all the servers and data listed in the organization.

Whereas some of the RansomExx attacks are classified as the high-profile attack that includes Brazil’s government network, Konica Minolta, IPG Photonics, Texas Department of Transportation and Tyler Technologies.

Leave a Reply