Over the weekend, New Orleans officials announced in a press conference that the city was hit by a ransomware attack, the incident was discovered in the morning of December 13, 2019.
The IT staff immediately informed all employees of the incident and asked them to power down computers to avoid the threat spreading.
Employees were ordered to turn off and unplug their computers from the network as soon as possible via the city hall’s public loudspeakers systems.
Every device was disconnected from the city’s networks, at the time the family of the ransomware that infected its systems was not revealed.
Now, additional information on the attack was shared in the media.
According to files uploaded to the VirusTotal scanning service, the ransomware involved in the City of New Orleans was likely the Ryuk Ransomware.
The day after the ransomware attack on the City of New Orleans, on December 14th, 2019, memory dumps of suspicious
“One of these memory dumps, which contained numerous references to New Orleans and Ryuk, was later found by Colin Cowie of Red Flare Security and shared with BleepingComputer.com.” reported
The dump discovered by Cowie is associated with an executable named ‘
The expert noticed that the dump contained the HERMES file marker, file names ending with the
“Of particular interest in the v2.exe memory dump is a string that refers to the New Orleans City Hall.”
“After further digging around,
Let’s wait for more details about the attack from the City of New Orleans.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.