Brain Cipher Behind the Alleged Pulmonary Physicians of South Florida Ransomware Attack 

• Pulmonary Physicians of South Florida has been named as a victim of a ransomware attack on the dark web.
• The Brain Cipher gang allegedly launched a ransomware attack on the healthcare group’s systems.
• The hackers stole the data allegedly from the healthcare organization. 

The Pulmonary Physicians of South Florida LLC group has been named in a cyber attack post on the dark web. The healthcare association that offers critical care and sleep medicine and serves other hospitals has been named as a victim of the Brain Cipher Ransomware group.

Pulmonary Physicians of South Florida has not made any official statements about facing any such incident. We approached them about the purported security incident and will update this report after receiving a response. 

Threat Intelligence platform Falconfeeds posted this screenshot from the dark web site of the Brain Cipher Ransomware group:

The post made on February 19 mentioned data being stolen by the hackers. According to the open source security platform Wazuh, Brain Cipher has been active since 2024.

They were in the news for claiming the cyber attack on Indonesia’s National Data Center (PDNS) last year. Oddly enough, the hackers rendered an apology to the Indonesian citizens after disrupting over 200 government agencies and critical public services.

“This is the first and last time a victim receives keys for free,” the hackers wrote on their website. After releasing the key to get their locked data back, which did not have a backup, they asked for a donation to their Monero wallet.

The threat actor claimed to have encrypted several thousand terabytes of data. Their ransomware has been built on LockBit and demand between $20,000 and $8 million in cryptocurrencies.

Often using phishing to initiate an attack, the group disable security mechanisms and steal credentials from compromised devices.

Scammers use various phishing techniques and adapt to advanced tools to trick users. Known techniques include deepfake phishing, which involves impersonating someone in video or voice calls and using common themes like shopping to scam people.

Users must stay alert of offers that seem too good to be true or unexpected emails and other communications that offer help during a crisis or a natural disaster.