Cyber fraudsters encrypted data belonging to a Dadar-based chartered accountant and demanded money to remove the block on the data on Monday. While the incident took place on Monday, the complainant realised that his data had been blocked on Tuesday. “A case of ransomware was reported, following which, an FIR has been registered at the Bhoiwada police station,” said Deputy Commissioner of Police (Zone 4) N Ambika. While the FIR was lodged on Thursday, no arrest has been made in the case yet. Police said the incident took place on Monday at the complainant’s office near Framroz court in Dadar. Around 2.15 pm, a message flashed on the complainant’s computer screen saying, “You have to pay for decryption in bitcoins. The price depends on how fast you write to us. After payment, we will send you the decryption key, which will decrypt all your files.” The message also had an email address, on which he was to write to the fraudsters. Around 7 pm, when the complainant tried to use a computer for some work, he could not access the data. When he tried other computers, he faced the same problem. He also found that some data and software had been deleted. Suspecting that a computer virus may be behind this, he copied the other files still available from the computer. The complainant then left for the day and asked an employee from the information technology department to look into the matter. The employee later told him that the data had not been deleted but encrypted by fraudsters. On Sunday, the MGM hospital in Navi Mumbai was attacked by ransomware. Its data was locked out and the fraudsters demanded payment in bitcoins.
Colorado investigators call in FBI, work through the night. Colorado Department of Transportation employees spent a second day offline Thursday as security officials investigated the damage done by a ransomware virus that hijacked computer files and demanded payment in bitcoin for their safe return. The state’s Office of Information Technology, which reached out to the FBI for assistance, is still investigating the attack and has not paid a cent to attackers — nor does it plan to, said Brandi Simmons, an OIT spokeswoman. “No payments have been made or will be made. We are still investigating to see whether or not files were damaged or recovered,” she said in an email Thursday. On Wednesday morning, CDOT shut down more than 2,000 employee computers while security officials investigated the attack. The malicious code was a variant of ransomware known as SamSam, Simmons said. McAfee, the security software used by CDOT computers, provided a software patch on Wednesday to stop the execution of the ransomware. “This ransomware virus was a variant and the state worked with its antivirus software provider to implement a fix today. The state has robust backup and security tools and has no intention of paying ransomware. Teams will continue to monitor the situation closely and will be working into the night,” said David McCurdy, chief technology officer, Governor’s Office of Information Technology, in a statement on Wednesday. He added: “OIT, FBI and other security agencies are working together to determine a root cause analysis.” SamSam last showed up in January after targeting the healthcare industry. It encrypted files and renamed them “I’m sorry,” according to a report from security firm TrendMicro.
One hospital, Hancock Health in Indiana, paid $55,000 to get its files back. TrendMicro said the attack wasn’t due to an employee opening an infected email, but hackers gained access remotely using a vendor’s user name and password. “No one is back online. What we’re doing is working offline. All our critical services are still online — cameras, variable message boards, CoTrip, alerts on traffic. They are running on separate systems,” Ford said. “The message I’m sharing (with employees) is CDOT operated for a long time without computers so we’ll use pen and paper.” There’s only one Mac computer in the office and it wasn’t turned on, Ford said, because “We’re not messing around today.”
Rick Wang, an official with Taiwan’s Financial Supervisory Commission (FSC), said each brokerage had received an email setting a deadline for the transfer of funds to avoid a distributed denial of service (DDoS) attack. They have become common tools for cyber criminals trying to cripple businesses and organizations with significant online activities. “We have never seen this on such a scale - five companies hit at one time with the same threat,” said Wang, adding that the regulator usually sees single instances of cyber-crime. FireEye, a cybersecurity consultancy, said the attacks were similar to a wave of threatened denial of service attacks by a previously unidentified group that first appeared in Europe last month. The Taiwan attacks do not pose a threat to the island’s broader trading and financial system, Wang said, but he added that the regulator had asked all securities firms to step up defensive measures. “The emails were sent under the name of the ‘Armada Collective’,” said Chiu Shao-chou, an official of the internet cybercrime division of Taiwan’s Criminal Investigation Bureau, the government’s top investigation body. The Armada Collective, a hacking extortion group, has been linked to financial blackmail heists elsewhere. But Chiu said the group has been put under watch and Taiwan investigators were still looking into the original source of the emails. The email demanded payment in web-based digital currency bitcoin equivalent to about T$300,000 ($9,731.41), Taiwan media said. None of the securities companies made any payments, Chiu said. Another brokerage firm, Capital Securities Corp, was hit on Monday by a DDoS attack lasting 20 minutes before its system recovered, the regulator said, but it did not link the latest case to the threatening emails.