2.5M Gulf X-rays Hijacked: Tor Auctions 110 GB, Hospitals Held Hostage
TL;DR
- Payload Ransomware claims 110 GB data breach of Royal Bahrain Hospital, threatens release by March 23
- Microsoft KB5079473 update causes Windows 11 BSODs and C: drive access denials on Samsung Galaxy Book models
- Meta to shut down Instagram end-to-end encryption for direct messages by May 8, 2026, citing under 1M active users
💥 110 GB Gulf Hospital Hack: ChaCha20 Ransom Hits 70-Bed Bahrain
110 GB of Gulf medical records just got ChaCha20-twirled by “Bharna20” 🕺—that’s 2.5M X-rays for sale on Tor! RBH’s 70 beds now a 0-day hostel. Patients? Sitting ducks. GCC suits, your move: pay the ransom or leak like a BP well?
Royal Bahrain Hospital got curb-stomped by Payload ransomware: 70 beds, five Gulf nations’ worth of VIP organs, and zero adult supervision. The crooks ChaCha20-encrypted the whole trove, slapped it on a Tor site like cheap NFTs, and set a ransom timer: 23 Mar 2026—seven days to cough up or the world downloads your colonoscopy in 4K.
How the heist rolled
- Curve25519 key swap in under 60 s—faster than the hospital’s Wi-Fi login page.
- 130 GB vacuumed, 110 GB curated for maximum shame; the rest kept as encore leverage.
- One-week extortion cycle—new regional norm, because who needs patience when panic is free?
Impacts—feel the burn
- Privacy: >1 million patient records → phishing buffet, black-market VIP list.
- Clinical: EHR frozen → surgeons back to paper, scalpel in one hand, fax in the other.
- Reputation: GCC “medical tourism” brand → instant meme, #BahrainLeak trending hotter than desert asphalt.
- Wallet: ransomware payout + Bahraini fines up to $250 k per GDPR-style clause → budget hemorrhage worse than any gunshot wound.
What now? (a.k.a. the cheap & angry playbook)
- Air-gap the LAN—yes, yank the purple cable with your teeth if necessary.
- Boot Kali from a $5 USB, grep the Curve25519 pub-key, pass it to cops—maybe they can brute-force before your hair turns white.
- MFA everything; passwords like “Password123” now qualify as medical malpractice.
- GCC-CERT bat-signal: share IoCs faster than TikTok dances.
- Print this on the CEO’s forehead: “Backups, tested, offline—no, your nephew’s Dropbox doesn’t count.”
Timeline of impending doom
- T-minus 6 days: negotiators cry, partial dump drops, stock photos of your appendix hit Telegram.
- Q2 2026: regional hospitals finally ditch Windows XP—progress, baby!
- 2027: Bahrain mandates ransomware drills, budgets for AES-256-GCM, still cheaper than paying Moldovan teens.
Bottom line
If a 70-bed sandbox can lose 110 GB in 60 seconds, your shiny “digital transformation” is a glittery toe tag. Patch like your life depends on it—because someone’s organ donor list just became public domain.
😂 8 Mln Samsung Galaxy Books Locked Out After Patch Tuesday ACL Chaos
💥 8 MILLION Samsung laptops just got told “C:\ is not accessible” by a phone-sync app—while Windows was busy patching 12 CVEs! 😂 Translation: your own software kneecapped you before hackers even got socks on. IT admins now playing ACL-Jenga at 2 a.m. — still love that Galaxy Connect bloat, or ready to nuke it?
Monday morning, 10 March: your Galaxy Book chirps “Update ready!” You click, coffee in hand, and—BAM—the screen vomits turquoise death. C:\ turns into Hotel California: you can check out any time you like, but you can never access your files.
WTF Just Happened?
KB5079473 itself is clean; the arsonist is Samsung’s Galaxy Connect app. Its 9 March auto-update rewrote NTFS permissions like a drunk notary—stripping SYSTEM and TrustedInstaller rights from the root folder. Windows 11 tries to load drivers, gets doors slammed in its face, and rage-quits with bug-check 0x9F. Reboot loop, tears, profanity.
Damage in One Sip
- Scope: 0.8 % of Windows 11 PCs—roughly 8 million Galaxy Books—walked the plank.
- Symptoms: BSOD, “C:\ is not accessible,” Outlook/Chrome/Office.exe digitally ghosted.
- Geography: US leads the bitching parade, followed by Brazil, India, SK, China, SA.
Quick & Dirty Bail-Outs
- Roll back KB5079473 (Settings > Update > Uninstall).
- Nuke Galaxy Connect v2.1.2; ACL reset script from Microsoft’s doc restores default permissions.
- Reinstall the patch after Samsung drops v2.1.3 (due “late March”).
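A read-only way to check a machine for the condition described above (SYSTEM and TrustedInstaller rights missing from the root folder), added here as an example; it is not Microsoft's reset script or anything shipped by Samsung. `Test-RootAcl` and its status labels are hypothetical names, and reporting ownership separately from access entries is an assumption, since the page does not say which kind of right was stripped.

```powershell
# Added example: read-only audit of a volume root ACL. It changes nothing.
# Test-RootAcl is a hypothetical name, not a Microsoft or Samsung tool.
function Test-RootAcl {
    param(
        [string]$Path = 'C:\',
        # Well-known SIDs rather than names, so the check is locale-independent.
        [hashtable]$Required = @{
            'S-1-5-18' = 'NT AUTHORITY\SYSTEM'
            'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464' = 'NT SERVICE\TrustedInstaller'
        }
    )
    $sidType    = [System.Security.Principal.SecurityIdentifier]
    $fullRights = [System.Security.AccessControl.FileSystemRights]::FullControl
    $genericAll = 0x10000000   # GENERIC_ALL bit, as stored in some inherit-only ACEs

    $acl   = Get-Acl -LiteralPath $Path
    $owner = $acl.GetOwner($sidType).Value
    $rules = @($acl.GetAccessRules($true, $true, $sidType))   # explicit and inherited

    foreach ($sid in $Required.Keys) {
        $mine  = @($rules | Where-Object { $_.IdentityReference.Value -eq $sid })
        $deny  = @($mine  | Where-Object { $_.AccessControlType -eq 'Deny' })
        $allow = @($mine  | Where-Object { $_.AccessControlType -eq 'Allow' })
        $full  = @($allow | Where-Object {
            $_.FileSystemRights.HasFlag($fullRights) -or
            (([long]$_.FileSystemRights -band $genericAll) -ne 0)
        })

        # A Deny entry is reported first because it overrides any Allow entry.
        if     ($deny.Count  -gt 0) { $status = 'DenyAcePresent' }
        elseif ($full.Count  -gt 0) { $status = 'FullControl' }
        elseif ($allow.Count -gt 0) { $status = 'ReducedRights' }
        elseif ($owner -eq $sid)    { $status = 'OwnerOnly' }
        else                        { $status = 'Missing' }

        [pscustomobject]@{
            Path     = $Path
            Identity = $Required[$sid]
            IsOwner  = ($owner -eq $sid)
            AllowAce = $allow.Count
            DenyAce  = $deny.Count
            Status   = $status
        }
    }
}

Test-RootAcl | Format-Table -AutoSize
```

Run it from an elevated PowerShell session; a `Missing`, `ReducedRights` or `DenyAcePresent` status for SYSTEM is the state the section describes, and comparing against an unaffected machine of the same build shows what the default should be.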
Forecast of Fun
- 0–30 days: Support lines will melt; most users patched or app-nuked → incidents fade.
- 30–90 days: Samsung’s fix + Microsoft’s May cumulative wrap the wound.
- >90 days: New OEM certification rulebook bans file-system cowboys; ACL corruptions become campfire lore.
TL;DR
Microsoft delivered a rock-solid update; Samsung’s “helpful” Android-sync bloatware turned it into a $1,200 paperweight facilitator. Par for the course: corporate giants finger-point while users foot the pain bill. Disable the junk, reclaim your C:, and remember—never let an OEM app babysit your NTFS permissions again.
🪓 Instagram Kills Encrypted DMs: 1 M Users Dumped, May 8 Deadline Looms
0.3 % of IG chats ever bothered to turn on E2EE—so Meta’s yeeting the padlock 8 May 🪓. Translation: your "secret" convos were lonely AF & now they’re server-fodder. Export or watch Zuckerberg’s cloud slurp your nudes—Nevada AG’s already cheering. Who’s migrating to WhatsApp before the purge?
Ouch. Remember when Meta pinky-swore 2021-grade privacy? Yeah, that promise just got un-friended. By 8 May 2026 Instagram’s opt-in end-to-end encryption (E2EE) flatlines—because fewer than 0.3 % of its DM cattle ever clicked the magic toggle. Translation: ~1 million privacy nerds out of 2 billion monthly scroll-zombies. 🪦
How did we get here?
- Late 2023: Meta quietly slides Signal-protocol tech into Instagram chats—region-locked, buried in settings, zero marketing bling.
- 2024-25: Nevada & New Mexico AGs sue, whining E2EE hides child-sexual-abuse material. Regulators wave pitchforks; Meta accountants wave spreadsheets showing server-cost hemorrhage for a ghost-town feature.
- 13 Mar 2026: In-app pop-up: “Download your secret crap before May 8 or watch it vanish.” Users collectively shrug.
Impact scorecard (because bullet points hurt less)
- Privacy: 100 % of opted-in chats go cleartext → Meta’s servers can once again slurp keyword vibes for ad algos.
- Security theatre: AGs cheer louder CSAM detection; actual detection numbers? Crickets.
- Wallet: Meta trims key-management overhead; savings undisclosed but you can bet it’s bigger than your annual coffee budget.
- Competition: WhatsApp keeps default E2EE for 2 B souls—Meta’s polite way of saying “move over there, whiners.”
- Migration pool: ≤1 M users—roughly the population of a mid-tier city—now shopping Signal or Telegram stickers.
Outlook—grab your crystal beer mug
- Q2 2026: Export deadline passes; Instagram DM crypto becomes an urban legend told at hacker camps.
- 2027: If EU encryption roadmap hardens, Meta may U-turn and bolt E2EE back onto Instagram—this time default-on, lawsuits 2.0 included.
- 2028-29: Expect every state AG to clone Nevada’s playbook: “Encryption = obstruction,” rinse, litigate, settle, repeat.
Parting shot
Bottom line: Instagram just proved “privacy” is a checkbox CFOs can un-check the moment bean-counters scream. The rest of us get a free lesson—if you want real secrecy, stop expecting billion-dollar ad empires to babysit your secrets.
In Other News
- Rust community debates syntax overhaul: proposals to replace 'let mut' with shorter keywords spark debate over backward compatibility and ergonomic trade-offs