Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
Following claims by ransomware gang FSociety of a successful hack, ANU declares no active threat and closes its investigation.
Nearly a week after being listed as a victim on the darknet leak site of the ransomware gang FSociety, the Australian National University (ANU) has said it has found no evidence of any threat to its data.
“ANU has investigated the claim, alongside the Australian Cyber Security Centre,” an ANU spokesperson told Cyber Daily today, 24 February.
“There is currently no indication of an active ransomware threat against ANU. This investigation is now closed.”
Last weekend, around 16 February, FSociety made a post referring to the compromise of both student and teacher data.
“To the board of A********n N******l U********y,” FSociety said.
“We have took over the servers A*u.edu.au and before encryption we extracted all data, we will give you (seven) days before any leak. All Student and Teacher Leak in this field will hurt future image, if you comply we will be willing to make this all go away. We will be waiting for your response.”
When Cyber Daily contacted ANU about the claim, a spokesperson said the matter was under investigation and that the Australian Signals Directorate’s Australian Cyber Security Centre was providing assistance.
As of today, however, there is no post alluding to any incident involving ANU or its students and staff – FSociety appears to have deleted the post sometime within the last seven days.
Ransomware gangs have been known to list victims incorrectly on their leak sites, especially in cases of mistaken identity. Last month, the Qilin ransomware operation mistakenly identified one of its victims as global training firm Richardson Sales Performance. However, the data the gang was threatening to publish actually belonged to – and was presumably stolen from – a company called Richardson Projects, which is based in Sri Lanka.
FSociety – at least in its current incarnation – has only been active since May 2024, but a group with the same name was first observed in 2016 when it was found to be developing a new ransomware variant. Both that operation and the current one use the same logo as the fictional FSociety hacking group featured in the television program Mr Robot.
The gang has certainly published the data of its victims in the past, with several datasets from several victims currently live on its darknet leak site.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
