35:
extortion attacks on companies and governmental institutions. The group emerged in 2022 and attacked targets in the United States, Brazil, Argentina, Germany, Belgium and
Switzerland.
82:. This enabled Play to extract the addresses of over 400,000 Swiss citizens living abroad who had subscribed to the official newspaper for Swiss expatriates,
178:
100:
288:
103:
and confidential data, including financial data and tax information, was stolen for extortion. Various state-owned companies were affected.
346:
120:
206:
296:
262:
57:
that the group uses to encrypt their victims' data, leaving a message containing the word "PLAY" and an email address.
317:
236:
377:
74:
403:
99:
community fell victim. In May/June, there was a massive hacker attack on an IT service provider of the
66:
149:
84:
373:"Das Ausmass des Hacks gegen einen Dienstleister der Bundesverwaltung ist gewaltiger als angenommen"
150:"Ransomware group behind Oakland attack strengthens capabilities with new tools, researchers say"
72:
In 2023, Play carried out a wave of attacks on
Switzerland. At the end of March, the newspaper
186:
47:
43:
42:
techniques used are similar to those used by other russian-linked ransomware groups such as
89:
54:
397:
28:
78:
was attacked, leading to the penetration of the systems of its service provider,
39:
32:
323:
214:
79:
372:
121:"Play Ransomware Group Used New Exploitation Method in Rackspace Attack"
318:"Leck von Bundesdaten: Bis zu 425'000 Auslandschweizer:innen betroffen"
65:
In 2022, Play carried out a major attack on the
Argentine judiciary of
38:
Security experts suspect that the group has links to Russia, since the
96:
347:"Update: Ransomware-Bande Play gewährt Walliser Gemeinde mehr Zeit"
179:"Rackspace confirms Play ransomware was behind recent cyberattack"
263:"Ransomware Attacks Target Government Agencies in Latin America"
237:"Swiss Government Targeted by Series of Cyber-Attacks"
207:"Hacker group publishes stolen Swiss media data"
8:
172:
170:
144:
142:
140:
111:
53:The name "play" comes from the ".play"
101:Federal administration of Switzerland
7:
14:
371:Eberhart, Jessica (2023-06-15).
316:Rigendinger, Balz (2023-06-27).
235:Poireault, Kevin (2023-06-11).
297:Frankfurter Allgemeine Zeitung
1:
261:Kovacs, Eduard (2022-09-01).
177:Gatlan, Sergiu (2023-01-04).
119:Kovacs, Eduard (2023-01-05).
287:Altwegg, Jürg (2023-04-18).
420:
289:"Böses Spiel mit der NZZ"
241:infosecurity-magazine.com
156:. Cyberscoop. 2023-04-19
353:. Netzwoche. 2023-05-11
243:. Infosecurity Magazine
95:. In the same month, a
378:Neue Zürcher Zeitung
183:bleepingcomputer.com
75:Neue Zürcher Zeitung
187:Bleeping Computer
411:
389:
388:
386:
385:
368:
362:
361:
359:
358:
343:
337:
336:
334:
333:
313:
307:
306:
304:
303:
284:
278:
277:
275:
274:
267:securityweek.com
258:
252:
251:
249:
248:
232:
226:
225:
223:
222:
203:
197:
196:
194:
193:
174:
165:
164:
162:
161:
146:
135:
134:
132:
131:
116:
93:
31:responsible for
419:
418:
414:
413:
412:
410:
409:
408:
394:
393:
392:
383:
381:
370:
369:
365:
356:
354:
345:
344:
340:
331:
329:
315:
314:
310:
301:
299:
286:
285:
281:
272:
270:
260:
259:
255:
246:
244:
234:
233:
229:
220:
218:
205:
204:
200:
191:
189:
176:
175:
168:
159:
157:
148:
147:
138:
129:
127:
118:
117:
113:
109:
87:
85:Schweizer Revue
63:
21:Play Ransomware
12:
11:
5:
417:
415:
407:
406:
396:
395:
391:
390:
363:
338:
308:
279:
269:. Securityweek
253:
227:
198:
166:
154:cyberscoop.com
136:
110:
108:
105:
62:
59:
55:file extension
13:
10:
9:
6:
4:
3:
2:
416:
405:
404:Hacker groups
402:
401:
399:
380:
379:
374:
367:
364:
352:
348:
342:
339:
327:
325:
319:
312:
309:
298:
294:
290:
283:
280:
268:
264:
257:
254:
242:
238:
231:
228:
216:
212:
208:
202:
199:
188:
184:
180:
173:
171:
167:
155:
151:
145:
143:
141:
137:
126:
122:
115:
112:
106:
104:
102:
98:
94:
91:
86:
81:
77:
76:
70:
68:
60:
58:
56:
51:
49:
45:
41:
36:
34:
30:
26:
22:
18:
382:. Retrieved
376:
366:
355:. Retrieved
351:netzwoche.ch
350:
341:
330:. Retrieved
321:
311:
300:. Retrieved
292:
282:
271:. Retrieved
266:
256:
245:. Retrieved
240:
230:
219:. Retrieved
217:. 2023-05-11
211:swissinfo.ch
210:
201:
190:. Retrieved
182:
158:. Retrieved
153:
128:. Retrieved
125:securityweek
124:
114:
83:
73:
71:
64:
52:
37:
29:hacker group
24:
20:
16:
15:
328:(in German)
88: [
384:2023-06-17
357:2023-06-17
332:2023-06-28
302:2023-06-17
273:2023-06-17
247:2023-06-17
221:2023-06-17
192:2023-06-17
160:2023-06-17
130:2023-06-17
107:References
40:encryption
33:ransomware
324:Swissinfo
215:Swissinfo
25:PlayCrypt
398:Category
80:CH-Media
48:Nokoyawa
293:faz.net
67:Córdoba
61:History
27:) is a
97:Valais
19:(also
92:]
322:SWI
46:and
44:Hive
17:Play
326:.ch
23:or
400::
375:.
349:.
320:.
295:.
291:.
265:.
239:.
213:.
209:.
185:.
181:.
169:^
152:.
139:^
123:.
90:de
69:.
50:.
387:.
360:.
335:.
305:.
276:.
250:.
224:.
195:.
163:.
133:.
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.