Ransomware gang breaks promise not to target medical organizations during coronavirus...


TechSpot Editor
Staff member

We’ve seen several hospitals hit with ransomware over the years, forcing some to run on pen and paper. With so many medical facilities struggling with the influx of coronavirus patients, a ransomware attack right now would be devastating, and almost certainly result in lost lives.

Last week, Bleeping Computer contacted several ransomware operators to see if they planned on targeting health organizations during the outbreak. Only two responded, both promising to avoid entities such as hospitals.

DoppelPaymer said it always tries to avoid medical facilities, and if it did hit one by mistake, the group would offer the decryption key for free. It did warn that some companies try to represent themselves as something else, so it would be double and triple-checking firms before releasing any free keys.

The operators behind Maze ransomware said, "We also stop all activity versus all kinds of medical organizations until the stabilization of the situation with virus." But it appears the group is stretching the truth with that claim. On March 14, the Maze gang attacked the systems of Hammersmith Medicines Research (HMR), a UK company that carried out tests to develop the Ebola vaccine, and performs early clinical trials of drugs and vaccines. It’s ready to perform trials on any Covid-19 vaccines that are being developed.

Computer Weekly reports that while the attack took place before the pledge, the group published thousands of former patients' details days after the promise because HMR refused to pay.

Malcolm Boyce, clinical director of HMR, said, “We repelled [the attack] and quickly restored all our functions. There was no downtime.” He added that the group had sent the company medical files of former patients as proof they had accessed the firm’s data.

Boyce said HMR is a research company, not a pharmaceutical firm, and does not have the funds to pay the ransom demands even if it wanted to. “We have no intention of paying. I would rather go out of business than pay a ransom to these people,” he stressed.

It might appear that cybercriminal gangs are doing the right thing by not targeting medical organizations right now, but it's a promise that should be taken with a grain of salt, as many know that hospitals' current desperation makes them more likely to pay a ransom.

Permalink to story.



TS Maniac
The first thing to do is to train all the knuckleheads not to click on unknown attachments and control their firewall access to eliminate the potential bad sites. Ransomware attacks are easily prevented with training and hardware/software.
  • Like
Reactions: psycros


TS Maniac
Wait, so one can actually reach these losers? Why isn't the FBI all over them trying to figure out where they are located and locking them up? I'm sure it's being tried and they're outsmarting the FBI.


TS Evangelist
"Ransomware could cripple hospitals and cost lives right now"

Uh, ANY time this happens cost lives. It will cost more lives now.

What happens when people like this have to go to their own hospital and it's hacked by someone else? These people are literally killing people by preventing healthcare to people.


TS Evangelist
Even the ACLU couldn't defend these dirtbags. All blackmailers should get 10 years minimum, or better yet, the chair. Same goes for most other premeditated offenses. Even if you're blackmailing your ex to get to see your kid more often its 100% wrong. Never compromise yourself if you can help it and never tolerate the intolerable. Instead of building giant data centers to wiretap innocent people the government should be focusing its resources on making examples of cyber-criminals.


TS Addict
Time to mobilize the intelligence community and partner with the air Force and navy. Right now is a good time to carry out airstrikes on any of these people. If we can't get to them, target their families.

Uncle Al

TS Evangelist
Considering the situation, the government should enable the war-time act, find and execute the suspects, without any legal proceedings.

Their actions currently constitute a crime against humanity, so they deserve it.
The only thing I would add is this should be a public execution, for all the world to see and as a warning to others that are considering the same thing. ANY criminal attempting to do the same thing is indeed a "crime against humanity" and deserves nothing less!
  • Like
Reactions: VitalyT


TS Enthusiast
I suppose air strikes on these individuals would be a bit much, considering location based data is easily spoofed by such criminals. Removal of their primary mouse click finger could be a start, followed by confiscation of all of their personal belongings pending 10 years minimum in the pen. Finger removal first, so inmates could identify them.