Netwalker Ransomware Group attacks Universities in US

August 16, 2020
The notorious ransomware group that attacked various hospitals in Spain and a well-known logistics and transportation company a few months back is currently targeting universities and colleges around America. The Netwalker ransomware operators extort their victims by threatening to publicly release the private data they managed to acquire unless their monetary demands are met. Since they began operating in August 2019 under the ‘Mailto’ code name, which later became Netwalker, they have proven able to launch successful cyber-attacks, and as a result they have already collected over $25 million in ransom payments.


Which colleges did the Netwalker ransomware group victimize?


  • The Netwalker group breached Michigan State University (MSU) and threatened to release financial data, passport scans, and a file repository exfiltrated from within its network if the ransom demand is not settled.


  • The hackers informed Columbia College of Chicago about the data they had stolen, which includes many of its students’ and faculty staff’s records and personally identifiable information. The ransomware operators plan to publish these records on the Dark Web for sale.


  • University of California San Francisco (UCSF) confirmed that it had been targeted by a network intrusion but refused to detail which part of its network may have been breached. Netwalker claimed responsibility for the cyberattack on its Dark Web page. Screenshots of the stolen data have been posted on the group's data leak website, including social security numbers, financials, and employee data, as well as detailed medical studies such as research on coronavirus.


The series of recent cyber-attacks and campaigns by the hacking group tells us that many universities and learning institutions may need to scan and analyze the areas of their network systems where they may be vulnerable. They must ensure that applications, computer tools, and methods are regularly patched, and set up their email solution scanners to detect phishing and malware threats. With cybercriminals like the Netwalker hacking group at work, it’s only a matter of time before they discover and develop holes that they can use against reputed organizations and institutions connected to the internet.

