NoEscape attacks Ordine Degli Pscologi Della Lombardia

Incident Date:

October 10, 2023

World map

Overview

Title

NoEscape attacks Ordine Degli Pscologi Della Lombardia

Victim

Ordine Degli Pscologi Della Lombardia

Attacker

Noescape

Location

Milan, Italy

Lombardy, Italy

First Reported

October 10, 2023

NoEscape Ransomware Gang Targets Ordine Degli Psicologi Della Lombardia

The NoEscape ransomware gang has attacked Ordine Degli Pscologi Della Lombardia. The "Ordine degli Psicologi della Lombardia" is the regional association for psychologists in Lombardy, Italy. It is a part of the broader "Ordine Nazionale degli Psicologi" (National Order of Psychologists) and is responsible for regulating the practice of psychology within the Lombardy region.

No Escape posted Ordine Degli Pscologi Della Lombardia to its data leak site on October 10th, threatening to publish 7GB of stolen data by October 17th if the organization fails to pay an unspecified ransom. NoEscape is a ransomware-as-a-service operation. The ransomware builder interface allows affiliates to customize various settings when creating the ransomware executables. However, the primary function of NoEscape is to encrypt files.

Victims of NoEscape receive a note informing them that their network has been breached and infected by a group called NoEscape. The note reveals that all of their company documents, databases, and other crucial files have been encrypted. Additionally, the perpetrators have also obtained the victims' confidential documents, personal data, and sensitive information.

To regain access to their files, the victims are instructed to make a payment in exchange for a special recovery tool. Non-compliance with this demand will result in the victims' files remaining encrypted indefinitely, and the stolen information being offered for sale on the darknet.

To facilitate the payment process, the victims are advised to download and install the TOR browser and access a specific link provided in the note. They must then enter their ID and follow the accompanying instructions.

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.