According to an advisory from the U.S. Department of Health and Human Services (HHS), the Trinity ransomware gang has launched dual extortion attacks against organizations in the healthcare sector. The ransomware gains initial access through phishing emails or software vulnerabilities.
“Trinity ransomware was first observed around May 2024,” the advisory states.
“It is a type of malicious software that enters your system through various attack vectors such as phishing emails, malicious websites, and exploitation of software vulnerabilities. Once installed, Trinity ransomware starts collecting system details such as the number of processors, available threads, and attached drives to optimize its multi-threaded encryption operations.
Trinity ransomware then attempts to escalate its privileges by impersonating the token of a legitimate process. This allows it to bypass security protocols and protections. Additionally, Trinity ransomware has demonstrated the ability to perform network scanning and lateral movement, distributing and executing attacks across multiple systems within a target network.”
Like many other organized ransomware groups, Trinity steals copies of victims' data before encrypting it to increase pressure on victims to pay ransoms.
“Trinity ransomware employs a dual extortion strategy,” HHS explains.
“This includes extracting sensitive data from victims before it is encrypted and threatening to release the data if a ransom is not paid. It's a tactic increasingly seen in new ransomware.
A total of seven victims of Trinity ransomware have been identified so far. Two of the victims have been identified as healthcare providers, one based in the UK and the other a gastroenterology service provider based in the US, and Trinity claims to have access to 330 GB of data.”
New school security awareness training provides organizations with an important layer of defense against ransomware attacks. KnowBe4 empowers employees to make smarter security decisions every day. More than 70,000 organizations around the world trust the KnowBe4 platform to strengthen their security culture and reduce human risk.
HHS has the story.