The notorious Rhysida ransomware group has added MYC Media to its long list of high-profile victims. MYC Media is a leading creative agency based out of Canada and specializes in providing comprehensive marketing solutions to businesses online. Rhysida ransomware group allegedly carried out a cyberattack on the digital company on July 7, 2024 and has given the company six days to respond. The threat actor has also demanded a ransom of 5 bitcoins as ransom for selling the data.

Understanding the MYC Media Ransomware Attack

According to its LinkedIn Page, “MYC Media is your national creative agency providing full-service marketing to businesses looking to expand their brand’s reach and make an impact. Over the past decade, we have evolved into a company which excels in many areas – from online marketing and website development to all types of printing and manufacturing services. We are well positioned to service any variety or size of business, from startups to multi-national corporations.” [caption id="attachment_80768" align="alignnone" width="1905"] Source: MYC Media website[/caption] The company was founded in 2008 in Mississauga, Ontario and employs around 11-50 employees along with 34 associate members. It has six divisions including MYC Graphics which takes care of printing, manufacturing and installation; Market Your Car - Vehicle Wraps and Graphics; MYC Interactive - Website Design, Development and Online Marketing; Pixter Studio - Online Wall Art, Canvas and Print Studio and FoodTruckWraps.ca - Food Truck Wraps and Graphics Specialists. Though the threat actor did not share details of the alleged ransomware attack, the group, on its dark web post, appealed to its buyers, “With just seven days on the clock, seize the opportunity to bid on exclusive, unique and impressive data. Open your wallets and be ready to buy exclusive Data. We sell only to one hand, no reselling, you will be the only owner!” [caption id="attachment_80769" align="aligncenter" width="670"] Source: X[/caption]

Potential Impact of MYC Media Ransomware Attack

If proven, the potential consequences of this ransomware attack could be critical. The media organization should take appropriate measures to protect the privacy and security of the stakeholders involved. Ransomware attacks can lead to identity theft, financial fraud, and a loss of trust among clients, potentially jeopardizing the company’s standing in the industry. Currently, details regarding the extent of the Rhysida ransomware attack, data compromise, and the motive behind the cyber assault remain undisclosed. Despite the claims made by Rhysida, the official website of MYC Media remains fully functional. This discrepancy has raised doubts about the authenticity of the Rhysida group’s assertion. To ascertain the veracity of the claims, The Cyber Express has reached out to the officials of the affected organizations. As of writing this news report, no response has been received, leaving the ransomware attack claim unverified.

Rhysida Group Targeted Big Names Previously

Rhysida is a notorious group that encrypts data on victims' systems and threatens to make it publicly available unless a ransom is paid. The group uses eponymous ransomware-as-a-service techniques, targets large organizations rather than making random attacks on individuals, and demands large sums of money to restore data. The group orchestrated the notable 2023 British Library cyberattack and Insomniac Games data breach. It has also targeted many organizations, including some in the US healthcare sector, and the Chilean army. In November 2023, the US agencies Cybersecurity and Infrastructure Security Agency (CISA), FBI and MS-ISAC published an alert about the Rhysida ransomware and the actors behind it, with information about the techniques the ransomware uses to infiltrate targets and its mode of operation. The US CISA report states, “Threat actors leveraging Rhysida ransomware are known to impact “targets of opportunity,” including victims in the education, healthcare, manufacturing, information technology, and government sectors.” Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.