The Health Sector Cybersecurity Coordination Center is raising the alarm on TimisoaraHackerTeam, a newer and relatively unknown ransomware group that targeted a U.S. cancer center in June.
The group uses BitLocker and BestCrypt to deliver the malware. While TimisoraHackerTeam was discovered in 2018, the group mostly stayed undetected, according to a June 16 HC3 memo.
Recent attacks on a French and an Israeli hospital have brought the group more notoriety.
Timisoara is the name of a Romanian town, and the group appears to write most of their code in Romanian. However, authorities are unclear if the group is actually Romanian, or if this a purposeful false lead.