Skip to content
All topics

Ransomware

The ransomware and extortion campaigns that froze hospitals, pipelines and city governments — and the crews behind them.

  1. 01

    Colonial Pipeline: One Password Stopped the Fuel

    In 2021 DarkSide ransomware entered Colonial Pipeline through one leaked VPN password, halting half the US East Coast gasoline supply for a week.

  2. 02

    Conti Leaks: A Ransomware Gang Spills Its Files

    In 2022, after Conti backed Russia's invasion of Ukraine, a Ukrainian insider leaked two years of the ransomware gang's internal chats and source code.

  3. 03

    Kaseya: The Holiday Weekend REvil Locked 1,500 Firms

    REvil exploited Kaseya VSA over the July 4th weekend, cascading ransomware through managed service providers to roughly 1,500 downstream businesses.

  4. 04

    WannaCry: The Worm That Froze Hospitals Worldwide

    WannaCry, a 2017 North Korean worm wielding the leaked NSA EternalBlue exploit, froze UK hospitals until a researcher accidentally tripped its kill switch.

  5. 05

    MOVEit: The Zero-Day Cl0p Used to Strip Thousands

    A managed file-transfer tool sat between thousands of organizations and their payroll providers. The Cl0p gang found a zero-day in it and stripped them all in a weekend.

  6. 06

    Change Healthcare: Ransomware Froze US Claims

    In 2024 ALPHV/BlackCat ransomware crippled Change Healthcare, the clearinghouse behind a third of US medical claims, stranding pharmacies for months.

  7. 07

    LockBit Takedown: Police Seized the Gang's Stage

    Operation Cronos took down LockBit as police from ten countries seized the leak site of the most prolific ransomware brand and mocked its leaders publicly.

  8. 08

    Medibank: When Refusing to Pay Cost Patients Their Privacy

    When Australia's largest health insurer refused to pay, the attackers published abortion records, addiction histories, and HIV status by way of demonstration.

  9. 09

    MGM and Caesars: The Phone Call That Closed the Casinos

    Two of the largest casino operators in the world were taken down by the same group within a week, both via the help desk and a confident phone call.

  10. 10

    Norsk Hydro: The Ransomware Victim Who Went Public

    When LockerGoga encrypted the Norwegian aluminum giant's entire IT estate, the company refused to pay and instead invited journalists into the war room.

  11. 11

    Travelex: The Ransomware That Ruined New Year's Eve

    Travelex was crippled on New Year's Eve 2019 by Sodinokibi ransomware through an unpatched VPN flaw, paying roughly $2.3 million in Bitcoin to recover.

  12. 12

    JBS Foods: The Ransomware That Halted Meat

    The JBS Foods attack saw REvil ransomware shut the world's largest meat processor across two continents and extract an 11 million dollar Bitcoin ransom.

  13. 13

    Costa Rica vs. Conti: Ransomware Triggers Emergency

    In 2022 Conti ransomware paralyzed Costa Rica's finance ministry and beyond, prompting the president to declare the first national cyber emergency.