Pryx Ransomware

edit

Pryx is a ransomware group that emerged in April 2024. It gained notoriety for its attack on Rowan College at Burlington County (rcbc.edu) and a significant breach of the United Arab Emirates (UAE) government. The group is known for its double extortion tactics, encrypting victims' data and threatening to leak stolen information unless a ransom is paid.[1][2]

History

edit

Pryx first appeared in April 2024 when it attacked Rowan College at Burlington County, compromising systems and stealing over 30,000 university applications. This incident highlighted the group's ability to target educational institutions.[3]

Subsequently, Pryx executed a major cyberattack against multiple UAE government bodies. This attack, claimed by a hacker affiliated with the group on the BreachForums hacking forum, targeted critical infrastructure and compromised sensitive government data. The extent of the UAE breach is still under investigation.[4]

Modus Operandi

edit

Pryx employs a double extortion tactic, encrypting victims' data and threatening to leak stolen information publicly unless a ransom is paid. The group operates a data leak site where it publishes details of victims who refuse to comply with their demands.[5]

Impact

edit

The attacks by Pryx have caused significant disruptions to affected organizations. The theft of sensitive data from both educational institutions and government entities has raised concerns about privacy, national security, and economic stability.[6]

Attribution

edit

While the exact origin of Pryx remains unknown, the group has been linked to a major cyberattack on the UAE government. A hacker claiming affiliation with Pryx announced the attack on BreachForums, sharing samples of the stolen data. The extent of the breach and the true origin of the group are still under investigation.[4]

References

edit