A Splinter of Royal Ransomware Strikes Tampa Bay Zoo

Category: Ransomware News | Industry: Non-profit organizations | Source: The Record

ZooTampa, a nonprofit zoo located in Tampa, Florida, has experienced a security breach attributed to a potential splinter cell of the Royal ransomware gang known as BlackSuit. The incident has prompted an investigation involving law enforcement, as confirmed by a ZooTampa spokesperson in a report by Recorded Future News. To reassure visitors, the spokesperson emphasizes “ZooTampa does not store personal or financial information on daily visitors or members." The breach by BlackSuit potentially marks an important trend to follow, concerning the activities of the Royal ransomware gang.

It is speculated that Royal is undergoing a rebranding effort in response to increased law enforcement pressure, particularly after the significant breach targeting the city of Dallas. Royal's suspected rebranding effort is supported by researchers from Recorded Future, BleepingComputer, and Trend Micro with the latter identifying a 90% similarity with the encryptor for Royal and BlackSuit. In addition, Royal operated with closed doors since their emergence in September 2022. They did not openly recruit members or function as a ransomware-as-a-service (RaaS) model.