Rhysida Ransomware Hackers Cripple Canada's MYC Media

By Bogdan Pătru . 8 July 2024

Tech Writer

Fact-Checked this

Rhysida ransomware announced that they’ve breached Canada-based MYC Media. There are no clear details about the attack, aside from the victim’s profile and the deadline for completing the negotiations: 7 days.

After the 7-day period has passed, the hackers will leak the stolen data publicly, usually on the Dark Web
Rhysida is a relatively new ransomware organization, being observed publicly for the first time in May 2023
The gang operates as a RaaS (Ransomware-as-a-Service), relying on affiliates to conduct most of its operations
MYC Media hasn’t commented on the attack, so it’s unclear how they’ve decided to act on it

Ransomware attacks are extremely damaging to a company’s finances, reputation, and overall structure. In many cases, the victim is forced by the circumstances to pay the ransom, despite not wanting to.

Several reasons can account for that, including the sensitivity of the stolen data or not being able to remove the encryption safely. This explains why the ransomware sphere appears to be on an upward trend, with more attacks hitting the public scene regularly.

X showing the Rhysida ransomware attack on MYC Media — https://x.com/FalconFeedsio/status/1809859204204695880

Despite being relatively new, Rhysida is already making waves on a global scale. The gang relies on the tried-and-tested double-extortion tactic. This implies forcing the victim to pay to get the decryption key and prevent their data from leaking publicly.

The pressure can often force the victims to comply, despite their better judgment. This is especially the case with medium-to-large companies that are in possession of a lot of sensitive data. This explains why the ransomware business remains so profitable today.

You’ve Been Breached by Rhysida – Now What?

If you’ve never experienced a ransomware breach, you may be confused about how exactly to proceed. The standard answer is: don’t pay the ransom. Don’t even negotiate with the hackers. Simply take the hit, find ways to decrypt your own files (with professional help), and call it a day.

Paying the ransom isn’t likely to produce anything positive. In most cases, the hackers won’t even delete the stolen data, despite promising that they will. And you have no way of verifying that. Which will naturally create trust problems.

Plus, paying the ransom will typically have the opposite effect. Instead of fixing your problems, it will more likely create new ones. One such issue comes from the hackers placing you on their “to revisit” list. And it makes sense.

You’ve already proven to be willing to pay the ransom. Maybe you’ll do the same in the future. To summarize, most cybersecurity experts advise against paying the ransom for all the reasons that we’ve already mentioned.

That being said, some situations require you to pay. This is for a variety of reasons, including the legal implications of the data breaches, the impossibility of removing the encryption, and the sensitivity of the leaked data.

Even if the hacker won’t delete the data, at least you get to recover it. Ultimately, it all comes down to your specific situation and whatever you decide to do.

Just keep in mind that ransomware organizations require payments to survive. If nobody would pay any ransom, they would cease to exist.

Our Mission

We believe security online security matters and its our mission to make it a safer place.

Author, Creative Writer, and Tech-Geek Bogdan has followed his passion for the digital world ever since he got his hands on his first PC. After years of accumulating knowledge and experience, the good Samaritan in him whispered to him one day about the virtue of sharing that knowledge with those who needed it. It was in 2014 when that idea would grow into a life-defining passion. One that keeps driving him to this day.

Cookie	Duration	Description
CookieLawInfoConsent	1 year	CookieYes sets this cookie to record the default button state of the corresponding category and the status of CCPA. It works only in coordination with the primary cookie.
viewed_cookie_policy	1 year	The GDPR Cookie Consent plugin sets the cookie to store whether or not the user has consented to use cookies. It does not store any personal data.
wpEmojiSettingsSupports	session	WordPress sets this cookie when a user interacts with emojis on a WordPress site. It helps determine if the user's browser can display emojis properly.

Cookie	Duration	Description
_ga	1 year 1 month 4 days	Google Analytics sets this cookie to calculate visitor, session and campaign data and track site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognise unique visitors.
_ga_*	1 year 1 month 4 days	Google Analytics sets this cookie to store and count page views.
_gat_UA-*	1 minute	Google Analytics sets this cookie for user behaviour tracking.
_gid	1 day	Google Analytics sets this cookie to store information on how visitors use a website while also creating an analytics report of the website's performance. Some of the collected data includes the number of visitors, their source, and the pages they visit anonymously.
_omappvp	1 year 1 month 4 days	The _omappvp cookie is set to distinguish new and returning users and is used in conjunction with _omappvs cookie.
_omappvs	20 minutes	The _omappvs cookie, used in conjunction with the _omappvp cookies, is used to determine if the visitor has visited the website before, or if it is a new visitor.

Rhysida Ransomware Hackers Cripple Canada’s MYC Media

You’ve Been Breached by Rhysida – Now What?

Our Mission

Bogdan Pătru

Leave a Comment Cancel