US government agency HC3: Trinity ransomware steals sensitive data from medical organizations and demands cryptocurrency ransom

The U.S. Department of Health Cybersecurity Coordination Center (HC3) recently released a brief introduction to the Trinity ransomware that targets sensitive data. Attackers use phishing emails, malicious websites, and software vulnerabilities to trick victims into installing the ransomware on their computers. It then searches for and collects sensitive information from the computer and sends it to the hackers. The ransomware also encrypts the victim's files with an algorithm, rendering them invalid. After encrypting the files, the ransomware generates a notification telling the victim that it has extracted and encrypted their data and demands a ransom in exchange for a decryption key. The notification also tells the victim that they have 24 hours to pay in cryptocurrency or their data will be leaked. HC3 said that the Trinity ransomware targets critical infrastructure, such as healthcare providers. The government agency said that seven organizations have fallen victim to the ransomware. "HC3 is aware of at least one healthcare organization in the United States that has recently fallen victim to the Trinity ransomware," the HC3 report said. (Cointelegraph)