By Graham Cluley – A new ransomware operation has started to leak information it claims has been stolen from organisations it has compromised around the world.

In recent days Valencia Ransomware has posted on its dark web leak site’s so-called “Wall of shame” links to gigabytes of downloadable information that has seemingly been exfiltrated from a Californian municipality, a pharmaceutical firm, and a paper manufacturer.

The alleged victims include the City of Pleasanton in California (where the attacker claims to have stolen 283GB of sensitive information), Malaysian pharmaceutical firm Duopharma Biotech (25.7GB), Indian paper manufacturer Satia (7.1GB), and Bangladeshi drugs maker Globe Pharmaceuticals (200MB).

There are additionally claims that Spanish fashion giant Tendam has also been hit by the Valencia group. If that is accurate, it is particularly unfortunate, as the firm was also reportedly hit by the Medusa ransomware earlier this month.

There has been speculation online that some of the Valencia group’s attacks may be linked to the exploitation of critical vulnerabilities in the WhatsUp Gold networking monitoring software from Progress.

Vulnerabilities that made it possible to takeover WhatsUp Gold admin accounts were discovered and responsibly disclosed in May, and proof-of-concept exploit code was published at the end of August.

Within hours of the proof-of-concept code being published, security firms were reporting evidence that the flaw was being actively exploited by cybercriminals.  Read On: