RansomHub Targets Universidad Nacional Autónoma de México in Ransomware Attack

Overview of the Attack

The Universidad Nacional Autónoma de México (UNAM), one of Latin America's largest and most prestigious universities, has recently fallen victim to a ransomware attack orchestrated by the emerging cybercriminal group RansomHub. The attackers have claimed to have exfiltrated 20 GB of data from UNAM's systems.

Victim Profile: Universidad Nacional Autónoma de México

UNAM, established on September 21, 1551, is a cornerstone of higher education in Mexico, known for its extensive academic offerings and significant cultural influence. The university employs over 7,600 staff and caters to a large student body across multiple campuses. As a hub of research and educational excellence, UNAM is integral to the academic and cultural fabric of Mexico.

Ransomware Group Profile

RansomHub, a relatively new player in the ransomware arena, operates on a Ransomware-as-a-Service (RaaS) model. This group is noted for its claims of attacks backed by actual data leaks, primarily targeting institutions across various countries indiscriminately. RansomHub's use of Golang in their ransomware development marks a strategic choice, aligning with emerging trends in cyber threats.

Potential Vulnerabilities and Entry Points

While the exact method of infiltration used by RansomHub in the attack on UNAM has not been specified, common entry points in similar cases include phishing, exploitation of unpatched systems, or compromised credentials. Educational institutions like UNAM often manage vast amounts of sensitive data and intellectual property, making them attractive targets for ransomware attacks.

Sources

• Dark Web Profile: RansomHub - SOCRadar
• UNAM International
• Bloomberg - Universidad Nacional Autónoma de México Company Profile
• Dun & Bradstreet - Universidad Nacional Autónoma de México
• RocketReach - Universidad Nacional Autónoma de México Profile

```