RansomExx Gang Target French Health Insurance Company in a Ransomware Attack

Mutuelle Nationale des Hospitaliers (MNH), a French health insurance company has been hit by a ransomware attack that has severely affected the company’s operations. French health insurance company MNH provides health insurance services and has plans focused on the health department.
The world's most advanced processor in the desktop PC gaming segment Can deliver ultra-fast 100+ FPS performance in the world's most popular games 12 cores and 24 processing threads, bundled with the AMD Wraith Prism cooler with color controlled LED ... read more
(as of February 28, 2021 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
AMD's fastest 6 core processor for mainstream desktop, with 12 processing threads Can deliver elite 100+ FPS performance in the world's most popular games Bundled with the quiet, capable AMD Wraith Stealth cooler 4.6 GHz Max Boost, unlocked for overc... read more
(as of February 28, 2021 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
System ram type: DDR4_sdram
(as of February 28, 2021 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
The company’s website mnh.fr displays a notice stating that it has been affected by a cyberattack that began on February 5. Due to this attack, the computer system and telephone services are unavailable. Members of the insurance company use the MNH website to design insurance quotes or to manage services and benefits.
Gerard Vuidepot, CEO of MNH, stated that “the MNH has been undergoing a cyber-attack since Friday, February 5, 2021. Computer systems have been disconnected for security reasons. Our websites (mnh.fr, member area, corresponding and elected extranets) and our telephone platform (3031) are temporarily unavailable. The processing times for your requests are being extended”.
As per the reports of BleepingComputer, an independent security expert shared a Tor web page that acts as a ransom negotiation page for the MNH attack that connects to the mnh.fr website. The page directs how the cybercriminals will negotiate with the firm and also advises MNH to employ a protonmail account while negotiating and not to reach out to the cops, or the cops will seize their bank accounts.
The site provides the ability to send a single email to the ransomware gang and perform test decryption of a single file. According to BleepingComputer, this Tor site is operated by ‘RansomExx’, a rebranded version of the Defray777 ransomware. This ransomware group has been operating since 2018, after updating their name to RansomExx in June 2020 it’s modus operandi has become more potent and are targeting high-profile companies.
Some of the high-profile organizations targeted by the RansomExx group in the past include the Texas Department of Transportation (TxDOT), Konica Minolta, Brazilian government networks, IPG Photonics, and Tyler Technologies. RansomExx has designed its own Linux version to make certain that they target all critical servers and data in a firm.
If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.