Ransomhouse attacks Webber International University

Incident Date:

February 26, 2024

World map

Overview

Title

Ransomhouse attacks Webber International University

Victim

Webber International University

Attacker

Ransomhouse

Location

Babson Park, USA

Florida, USA

First Reported

February 26, 2024

RansomHouse Targets Webber International University

The notorious RansomHouse ransomware group has targeted Webber International University and added the institution to its dark web portal. No official statements or responses have been received, leaving the claims of the RansomHouse ransomware cyberattack on these entities unverified.

Webber International University, also known as Webber, is a not-for-profit private institution of higher education. It is located on a 110-acre campus on the beautiful shores of Crooked Lake and Babson Park in Florida and hosts students from more than 48 different countries. It is one of only seven schools recognized by US News & World Report America’s Best Colleges for a business specialty.

About RansomHouse

RansomHouse does not maintain a RaaS (Ransomware-as-a-Service) platform. RansomHouse is a data extortion group that first emerged in December of 2021. They appear to have some level of political motivations, stating they are “pro-freedom and support the free market” and claim to not work with other hacktivists or any intelligence agencies.

They made headlines in 2022 for attacking chipmaker AMD and exfiltrating 450GB of data. RansomHouse attack volumes pale compared to leading threat actors but have been steadily increasing in late 2022 and early 2023. Ransom demands have been reported to range between $1 million and $11 million.

Modus Operandi

RansomHouse appears to be opportunistic, choosing targets for ease of compromise or for ability to pay. RansomHouse is a different kind of threat actor who uniquely “blames” victim organizations for lax security. RansomHouse maintains an active leaks site where they engage in “name and shame” to put pressure on victims to pay the ransom demand.

RansomHouse exfiltrates victim data for double extortion but is also observed to be actively selling stolen data to other threat actors.

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.