Trusted

Bitcoin Ransomware Attack Paralyzes 25 Romanian Hospitals

2 mins
Updated by Kyle Baird
Join our Trading Community on Telegram

In Brief

  • Bitcoin ransomware attack paralyzes 25 Romanian hospitals, with a demand of 3.5 BTC, approximately $173,000.
  • Attack targeted the Hipocrate Information System used by hospitals, encrypting the database forcing it offline.
  • The malware used was "Backmydata" ransomware, a variant from the Phobos malware family, exploiting flaws in RDP services.
  • promo

A Bitcoin ransomware attack has targeted hospitals across Romania, according to reports in local media. The ransom demand is 3.5 BTC, worth approximately $173,000 at current prices. 

As many as a hundred hospitals across Romania have taken their systems offline following a ransomware attack targeting their healthcare management system.

Bitcoin Ransomware Demands

According to reports in local media, the ransom demand message does not specify a group claiming responsibility for the attack. Just an e-mail address was provided. 

The hackers targeted the Hipocrate Information System (HIS) used by hospitals to manage medical activity and patient data. Moreover, they took the system offline after encrypting its database.

Furthermore, the attackers have already been confirmed to have encrypted the data of 25 hospitals. An additional 75 other healthcare facilities using HIS have also taken their systems offline as a precautionary measure, according to reports.

Authorities recommend not contacting or paying the attackers. Additionally, affected hospitals were advised to isolate systems, keep evidence, restore from backups, and update software. 

“After 400 computers and servers were shut down, we worked mostly on paper,” said Regional Institute of Oncology manager Mirela Grosu. The Romanian Ministry of Health said:

“The incident is under investigation by IT specialists, including cybersecurity experts from the National Cyber Security Directorate (DNSC), and the possibilities for recovery are being assessed. Exceptional precautionary measures have also been activated for the other hospitals not affected by the attack.”

Read more: 15 Most Common Crypto Scams To Look Out For

The DNSC added that the attackers used “Backmydata” ransomware, a variant from the Phobos malware family, to encrypt the hospitals’ data.

Furthermore, the malware usually infects systems by exploiting flaws in Remote Desktop Protocol (RDP) services. These include weak login credentials.

Ransomware involves deploying malware that restricts access to computer systems or data and demanding ransom, usually in crypto, for its release.

BTC Demands

Nevertheless, Bitcoin demands in ransomware attacks are not new. In September, the UK’s National Cyber Security Centre (NCSC) and National Crime Agency (NCA) published a report detailing the increase in ransomware attacks.

In May 2017, the UK’s National Health Service (NHS) faced a huge ransomware threat. This was known as the infamous “WannaCry” attack, which disrupted hospitals nationwide.  

WannaCry Bitcoin ransomware that was used in the 2017 attack on NHS computer systems. Source: ZDNET
WannaCry Bitcoin ransomware used in the 2017 attack on NHS computer systems. Source: ZDNET

According to an Immunefi report in 2023, the top ten ransom payments globally amounted to nearly $70 million in BTC. The report noted that Russian hacking collectives predominantly deploy the malware. However, nobody has claimed credit for the Romanian attack yet.

The Russian-based DarkSide Group was behind the 2021 Colonial Pipeline attack that crippled fuel supplies across the East Coast of the US.

🎄Best crypto platforms in Europe | December 2024
eToro eToro Explore
Coinrule Coinrule Explore
Uphold Uphold Explore
Coinbase Coinbase Explore
3Commas 3Commas Explore
🎄Best crypto platforms in Europe | December 2024
eToro eToro Explore
Coinrule Coinrule Explore
Uphold Uphold Explore
Coinbase Coinbase Explore
3Commas 3Commas Explore
🎄Best crypto platforms in Europe | December 2024

Disclaimer

In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and ConditionsPrivacy Policy, and Disclaimers have been updated.

profile.jpg
Martin Young
Martin Young is a seasoned cryptocurrency journalist and editor with over 7 years of experience covering the latest news and trends in the digital asset space. He is passionate about making complex blockchain, fintech, and macroeconomics concepts understandable for mainstream audiences.   Martin has been featured in top finance, technology, and crypto publications including BeInCrypto, CoinTelegraph, NewsBTC, FX Empire, and Asia Times. His articles provide an in-depth analysis of...
READ FULL BIO
Sponsored
Sponsored