Payload Ransomware Claims the Hack of Royal Bahrain Hospital

Payload Ransomware Claims the Hack of Royal Bahrain Hospital 🚨

The Payload Ransomware group claims to have breached the Royal Bahrain Hospital (RBH), a leading healthcare facility in Bahrain. Specifically, the group asserts that they have hacked RBH and stolen 110 GB of data. The ransomware gang has added the healthcare facility to its Tor data leak site and published images of allegedly hacked systems as proof of the attack. Furthermore, the group is threatening to release the stolen data if the ransom is not paid by March 23.

Royal Bahrain Hospital, founded in 2011, is a healthcare facility with 70 beds offering inpatient and outpatient services, including surgery, maternity care, and diagnostics. This institution serves patients from Bahrain and neighboring countries such as Oman, Qatar, Saudi Arabia, and the United Arab Emirates.

Payload ransomware is a relatively new cybercrime operation, which utilizes a double-extortion model that combines data theft and file encryption to pressure victims. The group has primarily targeted mid- to large-size companies in sectors such as real estate and logistics, mainly in emerging markets. Technically, the ransomware uses ChaCha20 for file encryption and Curve25519 for key exchange, while deleting shadow copies and disabling security tools. Like many modern crews, Payload likely operates as a ransomware-as-a-service scheme and runs a Tor leak site to publish data from non-paying victims.

For more details, check out the full article here: Read full article