Late last month, the Avos Ransomware hacked Bluefield University’s infrastructure to steal over a terabyte of sensitive data and are now threatening to leak all of them if the ransom isn’t paid.
One of the key elements they hacked includes the University’s emergency alert system; which is being used to inform the university’s students and staff, thereby urging them to pressure their management. The University said it’s still restoring the systems and asked students not to click on any links.
Novel Method to Pressure the Victim
Bluefield University, a small private college with roughly 900 students had it’s cyber infrastructure hacked on April 30th, 2023. The university immediately came up with a notification that it defended against the attack successfully and has been securing the affected devices.
Bluefield University systems have been shut down for an unknown period of time due to a recent cybersecurity attack. No member of the campus community should attempt access to any campus system at this time. Please see the attached image for more details. pic.twitter.com/lTvqopSffq
— Bluefield University (@blfduniversity) April 30, 2023
Though the university said it didn’t find any evidence of financial fraud or identity theft, it downplayed the incident and telling everyone that it was safe and they can continue using the university’s MyBU, Canvas and library resources.
But this saying took a bad turn when the Avos Ransomware threat actors declared they still had access to the university’s RamAlert – an emergency alert system for intimating the staff and students of any important notifications.
The ransomware gang used this route to inform the university’s staff and students about the hack and claimed they’re are still holding 1.2TB of their sensitive data – which included the admissions information of thousands of students. Further, the gang also shared links and instructions on accessing their dark web leak site and urged the students to inform the media about this incident.
As you know, on Sunday, April 30, 2023, Bluefield University discovered a cybersecurity attack that impacted our systems. Please see the attached image for more details. pic.twitter.com/Jrd2Fkwt8S
— Bluefield University (@blfduniversity) May 1, 2023
And as warned, the ransomware gang released a limited amount of stolen data, which included a W-2 Tax Form for the University’s President and their insurance policy documents. Soon, the university came up with another advisory saying that system restoration is still underway, but still affirming that they haven’t found any evidence of the abuse of student data.
Urging the students not to click on any links or respond to the hacked RamAlert messages, the university said it’s taking the necessary steps to contain the situation.
While we’ve seen several double and triple extortion methods followed by ransomware actors, exploiting the emergency alert system for pressure is a novel technique. So far, these threat actors have indulged in calling the victim’s partners, emailing their customers and competitors, or setting up data leak portals with search features to push them for payment.
Other Trending News:- News
