Ptechhub
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs
No Result
View All Result
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs
No Result
View All Result
PtechHub
No Result
View All Result

US Government Issues Advisory on Ransomware Group Blamed for Halliburton Cyberattack

SECURITY WEEK by SECURITY WEEK
August 30, 2024
Home Cybersecurity
Share on FacebookShare on Twitter

The RansomHub ransomware group is believed to be behind the attack on oil giant Halliburton, and the US government has issued an advisory focusing on the cybercrime gang.

Halliburton, considered the world’s second largest oil service company, revealed on August 21 in an SEC filing that an unauthorized third party had gained access to some of its systems.

While no technical details were made public, the incident response steps described by the company suggested that it may have been targeted in a ransomware attack. 

Since the incident came to light, there have been several unconfirmed reports that RansomHub is behind the Halliburton incident, including from reputable ransomware researcher Dominic Alvieri. 

On Reddit, a few anonymous individuals mentioned RansomHub being behind the attack, with one claiming that data was stolen and that the cybercriminals had been demanding a $45 million ransom.

Bleeping Computer also reported on Thursday that RansomHub is behind the Halliburton attack, based on some indicators of compromise (IoCs).

RansomHub’s leak website does not mention Halliburton at the time of writing, which suggests that — if they are indeed behind the attack — the cybercriminals are still in negotiations with the company.

Halliburton has not made public any information beyond its initial statement and SEC filing. SecurityWeek has reached out to the company for confirmation that it was targeted by the RansomHub ransomware group and will update this article if the company responds.

The cybersecurity agency CISA, the FBI, the HHS and the Multi-State Information Sharing and Analysis Center (MS-ISAC) on Thursday published a joint advisory detailing RansomHub attacks.

The advisory describes the tactics, techniques and procedures (TTPs) used in RansomHub attacks and shares IoCs that can be used to detect and prevent intrusions. 

According to the government agencies, the RansomHub operation has encrypted and exfiltrated data from at least 210 victims since its inception in February 2024. 

RansomHub’s Tor-based leak website currently lists 180 victims, but the US government is likely aware of additional victims. 

The government advisory mentions that RansomHub victims are from various critical infrastructure sectors, including water, IT, government services and facilities, healthcare, emergency services, financial services, food and agriculture, commercial facilities, critical manufacturing, communications, and transportation. 

The advisory, however, does not mention victims in the energy sector, which includes oil companies. This indicates that the timing of the advisory may not be related to the Halliburton attack.

SECURITY WEEK

SECURITY WEEK

Next Post
This Bot Adds Events to Your Calendar Automatically. Just Forward It an Email

This Bot Adds Events to Your Calendar Automatically. Just Forward It an Email

Recommended.

The US Needs an Open Source AI Intervention to Beat China

The US Needs an Open Source AI Intervention to Beat China

November 19, 2025
Microsoft, CrowdStrike, other cyber firms collaborate on threat actor taxonomy

Microsoft, CrowdStrike, other cyber firms collaborate on threat actor taxonomy

June 3, 2025

Trending.

CELLCOM ISRAEL LTD. Announcement of A Special General Meeting of The Shareholders of The Company

CELLCOM ISRAEL LTD. Announcement of A Special General Meeting of The Shareholders of The Company

May 21, 2025
Veeam Debuts Data Resiliency Maturity Model To Assess, Improve Customers’ Cyber Resiliency

Veeam Debuts Data Resiliency Maturity Model To Assess, Improve Customers’ Cyber Resiliency

April 23, 2025
MocPOGO Easter Special Deals: The Pokémon GO Spoofer You Need for Might and Mastery 2025!

MocPOGO Easter Special Deals: The Pokémon GO Spoofer You Need for Might and Mastery 2025!

April 7, 2025
VNET Wins 40MW Wholesale Order from Leading Internet Company for Its New Strategic IDC Campus

VNET Wins 40MW Wholesale Order from Leading Internet Company for Its New Strategic IDC Campus

September 11, 2025
Insurance Modernization at Risk as Workforce Strategies Fall Behind, Says Info-Tech Research Group

Insurance Modernization at Risk as Workforce Strategies Fall Behind, Says Info-Tech Research Group

May 8, 2026

PTechHub

A tech news platform delivering fresh perspectives, critical insights, and in-depth reporting — beyond the buzz. We cover innovation, policy, and digital culture with clarity, independence, and a sharp editorial edge.

Follow Us

Industries

  • AI & ML
  • Cybersecurity
  • Enterprise IT
  • Finance
  • Telco

Navigation

  • About
  • Advertise
  • Privacy & Policy
  • Contact

Subscribe to Our Newsletter

  • About
  • Advertise
  • Privacy & Policy
  • Contact

Copyright © 2025 | Powered By Porpholio

No Result
View All Result
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs

Copyright © 2025 | Powered By Porpholio