RansomHub Targets U.S. Government with Sophisticated SocGholish Attacks

Source: Cybersecurity Dive

RansomHub, a new ransomware group, is using the SocGholish malware-as-a-service framework to conduct attacks against U.S. government entities and various sectors, reportedly affecting over 200 victims since early 2024, including Change Healthcare and Rite Aid. SocGholish, operational since 2018, lures users into downloading malicious software through deceptive browser and software updates, leveraging a network of compromised websites. The malware employs an obfuscated JavaScript loader and a traffic distribution system to direct users to these threats, and the attacks also incorporate Python-based backdoors for initial access to command-and-control servers in the group's ransomware operations.
