Accountability, Cryptocurrency, Cybercrime and Ransomware

DarkSide Ransomware Gang Quits After Servers, Bitcoin Stash Seized

Krebs on Security

MAY 14, 2021

The DarkSide ransomware affiliate program responsible for the six-day outage at Colonial Pipeline this week that led to fuel shortages and price spikes across the country is running for the hills. The DarkSide message includes passages apparently penned by a leader of the REvil ransomware-as-a-service platform.

Ransomware

Ransomware Cryptocurrency Cybercrime Healthcare

Disrupting Ransomware by Disrupting Bitcoin

Schneier on Security

JULY 26, 2021

Ransomware isn’t new; the idea dates back to 1986 with the “Brain” computer virus. This is where the suggestion to ban cryptocurrencies as a way to “solve” ransomware comes from. In this light, banning cryptocurrencies like bitcoin is an obvious solution.

Ransomware

Ransomware Cryptocurrency Banking Accountability

The Link Between Ransomware and Cryptocurrency

eSecurity Planet

DECEMBER 21, 2021

There are few guarantees in the IT industry, but one certainty is that as the world steps into 2022, ransomware will continue to be a primary cyberthreat. The dangers from ransomware have risen sharply since WannaCry and NotPetya hit the scene in 2017, and this year has been no different. Cryptocurrency Fuels Ransomware.

Cryptocurrency

Cryptocurrency Ransomware Cybercrime Social Engineering

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

How Did Authorities Identify the Alleged Lockbit Boss?

Krebs on Security

MAY 13, 2024

and Australia in sanctioning and charging a Russian man named Dmitry Yuryevich Khoroshev as the leader of the infamous LockBit ransomware group. According to Constella, this email address was used in 2010 to register an account for a Dmitry Yurievich Khoroshev from Voronezh, Russia at the hosting provider firstvds.ru. “P.S.

Ransomware

Ransomware Cybercrime Accountability Malware

FBI: Investment Scams Surpass BEC as Most Costly Cybercrime

SecureWorld News

MARCH 15, 2023

Alright, how many of you saw a cryptocurrency ad on TV in 2022? Now the important question: how many of you got scammed in some sort of way by cryptocurrency or another type of investment? The report shows that phishing schemes were the most common type of cybercrime reported by victims in 2022, with 300,497 complaints.

Cybercrime

Cybercrime Scams Cryptocurrency Identity Theft

BlackCat Ransomware Group Implodes After Apparent $22M Payment by Change Healthcare

Krebs on Security

MARCH 5, 2024

healthcare giant Change Healthcare has made a $22 million extortion payment to the infamous BlackCat ransomware group (a.k.a. On March 1, a cryptocurrency address that security researchers had already mapped to BlackCat received a single transaction worth approximately $22 million. There are indications that U.S.

Healthcare

Healthcare Ransomware Scams Insurance

Feds Seize LockBit Ransomware Websites, Offer Decryption Tools, Troll Affiliates

Krebs on Security

FEBRUARY 20, 2024

authorities have seized the darknet websites run by LockBit , a prolific and destructive ransomware group that has claimed more than 2,000 victims worldwide and extorted over $120 million in payments. LockBit members have executed attacks against thousands of victims in the United States and around the world, according to the U.S.

Ransomware

Ransomware Cybercrime Encryption Insurance

How Does One Get Hired by a Top Cybercrime Gang?

Krebs on Security

JUNE 15, 2021

Department of Justice (DOJ) last week announced the arrest of a 55-year-old Latvian woman who’s alleged to have worked as a programmer for Trickbot , a malware-as-a-service platform responsible for infecting millions of computers and seeding many of those systems with ransomware. Alla Witte’s personal website — allawitte[.]nl

Cybercrime

Cybercrime Ransomware Passwords Banking

Who Wrote the ALPHV/BlackCat Ransomware Strain?

Krebs on Security

JANUARY 28, 2022

In December 2021, researchers discovered a new ransomware-as-a-service named ALPHV (a.k.a. “ BlackCat “), considered to be the first professional cybercrime group to create and use a ransomware strain written in the Rust programming language. Image: Varonis. Image: Varonis. ” Meanwhile, the U.S.

Ransomware

Ransomware Accountability Cybercrime Malware

Incognito Darknet Market Mass-Extorts Buyers, Sellers

Krebs on Security

MARCH 11, 2024

Borrowing from the playbook of ransomware purveyors, the darknet narcotics bazaar Incognito Market has begun extorting all of its vendors and buyers, threatening to publish cryptocurrency transaction and chat records of users who refuse to pay a fee ranging from $100 to $20,000. “And yes, this is an extortion!!!! .”

Marketing

Marketing Scams Cryptocurrency Cybercrime

Justice Dept. Claws Back $2.3M Paid by Colonial Pipeline to Ransomware Gang

Krebs on Security

JUNE 7, 2021

million worth of Bitcoin that Colonial Pipeline paid to ransomware extortionists last month. The funds had been sent to DarkSide , a ransomware-as-a-service syndicate that disbanded after a May 14 farewell message to affiliates saying its Internet servers and cryptocurrency stash were seized by unknown law enforcement entities.

Ransomware

Ransomware Cybercrime Cryptocurrency Healthcare

Estonian Tied to 13 Ransomware Attacks Gets 66 Months in Prison

Krebs on Security

MARCH 25, 2022

prison for his role in at least 13 ransomware attacks that caused losses of approximately $53 million. Prosecutors say the accused also enjoyed a lengthy career of “cashing out” access to hacked bank accounts worldwide. The DirectConnection cybercrime forum, circa 2011. Department of Justice.

Ransomware

Ransomware Banking Cybercrime Hacking

Could curtailing cryptocurrency calm cyber crime wave?

SC Magazine

JUNE 28, 2021

A technician inspects the backside of a cryptocurrency mining farm in Saint Hyacinthe, Quebec. Cryptocurrency is famously anonymous, but evading capture is not the only reason cryptocurrency is the go-to payment solution for ransomware. First, understanding the role of cryptocurrency in ransomware.

Cryptocurrency

Cryptocurrency Ransomware Banking Cybercrime

Could curtailing cryptocurrency calm cyber crimewave?

SC Magazine

JUNE 28, 2021

A technician inspects the backside of a cryptocurrency mining farm in Saint Hyacinthe, Quebec. Cryptocurrency is famously anonymous, but evading capture is not the only reason cryptocurrency is the go-to payment solution for ransomware. First, understanding the role of cryptocurrency in ransomware.

Cryptocurrency

Cryptocurrency Ransomware Banking Cybercrime

Who’s Behind the GandCrab Ransomware?

Krebs on Security

JULY 8, 2019

The crooks behind an affiliate program that paid cybercriminals to install the destructive and wildly successful GandCrab ransomware strain announced on May 31, 2019 they were terminating the program after allegedly having earned more than $2 billion in extortion payouts from victims. Image: Malwarebytes.

Ransomware

Ransomware Accountability Cybercrime Passwords

The DPRK Is the NKOTB of Healthcare Ransomware

SecureWorld News

FEBRUARY 16, 2023

A joint Cybersecurity Advisory (CSA) has revealed that the Democratic People's Republic of Korea (DPRK) is doing its best to become the New Kids on the Block (NKOTB) of ransomware. The CSA provides updates to earlier alerts of malicious cyber actor activities involving DPRK ransomware campaigns—namely Maui and H0lyGh0st ransomware.

Healthcare

Healthcare Ransomware Cryptocurrency Cybercrime

Who is Alleged Medibank Hacker Aleksandr Ermakov?

Krebs on Security

JANUARY 26, 2024

33-year-old Aleksandr Ermakov allegedly stole and leaked the Medibank data while working with one of Russia’s most destructive ransomware groups, but little more is shared about the accused. government says Ermakov and the other actors behind the Medibank hack are believed to be linked to the Russia-backed cybercrime gang REvil.

Cybercrime

Cybercrime Ransomware Retail Insurance

Ransomware money laundering operation disrupted, founder arrested

Malwarebytes

JANUARY 20, 2023

The US Department of Justice (DOJ) has released information about the arrest of Anatoly Legkodymov, the founder and majority owner of a cryptocurrency exchange called Bitzlato, on money laundering charges. The exchange is thought to have fueled crypto-related crimes like ransomware by helping cybercriminals launder illegally obtained money.

Ransomware

Ransomware Cryptocurrency Accountability Cybercrime

German police seized the darknet marketplace Nemesis Market

Security Affairs

MARCH 23, 2024

An operation conducted by the Federal Criminal Police Office in Germany (BKA) and the Frankfurt cybercrime combating unit (ZIT) led to the seizure of the infrastructure of the darknet marketplace Nemesis Market in Germany and Lithuania. The law enforcement confiscated about 94,000 euros worth of cryptocurrencies.

Marketing

Marketing Cybercrime DDOS Internet

HIVE Ransomware Shut Down by International Law Enforcement

SecureWorld News

JANUARY 27, 2023

The United States Department of Justice (DOJ) recently announced that it has successfully taken down the HIVE ransomware network, an international cybercrime ring that had been responsible for stealing and encrypting the data of more than 1,500 companies from 80 different countries. Cybercrime is a constantly evolving threat.

Ransomware

Ransomware Cybercrime Cryptocurrency Telecommunications

Threat Actors Merging Malicious Activity With Cryptocurrency Show How the Attack Landscape is Developing in Decentralized Finance

Security Boulevard

AUGUST 2, 2022

Current threat actor activity is incentivized by a broad attack surface represented through high volumes of users and systems, and high potential profits represented through the variety of cryptocurrency offerings. It is easy to detect and block things like malicious cryptocurrency apps or crypto-phishing websites.

Cryptocurrency

Cryptocurrency Ransomware Government Risk

$10M Is Yours If You Can Get This Guy to Leave Russia

Krebs on Security

MAY 4, 2023

government this week put a $10 million bounty on the head of a Russian man who for the past 18 years operated Try2Check , one of the cybercrime underground’s most trusted services for checking the validity of stolen credit card data. In 2017, U.S. In Kulkov’s case, it no doubt was critical to U.S.

Marketing

Marketing Cybercrime Accountability Cryptocurrency

Happy 13th Birthday, KrebsOnSecurity!

Krebs on Security

DECEMBER 29, 2022

Here’s a look at some of the more notable cybercrime stories from the past year, as covered by KrebsOnSecurity and elsewhere. Internal Revenue Service website for months: Anyone seeking to create an account to view their tax records online would soon be required to provide biometric data to a private company in Virginia — ID.me.

Cryptocurrency

Cryptocurrency Cybercrime Computers and Electronics Scams

U.S. Hacks QakBot, Quietly Removes Botnet Infections

Krebs on Security

AUGUST 29, 2023

government today announced a coordinated crackdown against QakBot , a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. Reliaquest says QakBot infections accounted for nearly one-third of all loaders observed in the wild during the first six months of this year.

Hacking

Hacking Malware Ransomware Government

U.S. Sanctions Russian National for Virtual Currency Money Laundering

SecureWorld News

NOVEMBER 8, 2023

The United States Treasury Department's Office of Foreign Assets Control (OFAC) has taken decisive action against Ekaterina Zhdanova, a Russian national, for her significant role in laundering and transferring funds using virtual currency on behalf of Russian elites and ransomware actors, including the notorious Ryuk gang.

Cryptocurrency

Cryptocurrency Ransomware Cybercrime Government

Accused ‘Raccoon’ Malware Developer Fled Ukraine After Russian Invasion

Krebs on Security

OCTOBER 31, 2022

A 26-year-old Ukrainian man is awaiting extradition from The Netherlands to the United States on charges that he acted as a core developer for Raccoon , a popular “malware-as-a-service” offering that helped paying customers steal passwords and financial data from millions of cybercrime victims. According to the U.S. Image: USDOJ.

Malware

Malware Identity Theft Cybercrime Accountability

FBI’s LockBit Takedown Postponed a Ticking Time Bomb in Fulton County, Ga.

Krebs on Security

FEBRUARY 25, 2024

The FBI’s takedown of the LockBit ransomware group last week came as LockBit was preparing to release sensitive data stolen from government computer systems in Fulton County, Ga. The accusation is an explosive one because nobody will pay a ransom if they don’t believe the ransomware group will hold up its end of the bargain.

Ransomware

Ransomware Cybercrime Hacking Government

Russian-speaking cybercrime evolution: What changed from 2016 to 2021

SecureList

OCTOBER 20, 2021

Having been in the field for so long, we have witnessed some major changes in the cybercrime world’s modus operandi. This report shares our insights into the Russian-speaking cybercrime world and the changes in how it operates that have happened in the past five years.

Cybercrime

Cybercrime Banking Malware Ransomware

REvil Ransom Arrest, $6M Seizure, and $10M Reward

Krebs on Security

NOVEMBER 8, 2021

Department of Justice today announced the arrest of Ukrainian man accused of deploying ransomware on behalf of the REvil ransomware gang, a Russian-speaking cybercriminal collective that has extorted hundreds of millions from victim organizations. million in cryptocurrency sent to another REvil affiliate, and that the U.S.

Ransomware

Ransomware Cybercrime System Administration Passwords

Security Affairs newsletter Round 469 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

APRIL 28, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Cybercrime

Cybercrime Spyware Data breaches Antivirus

Canada Charges Its “Most Prolific Cybercriminal”

Krebs on Security

DECEMBER 8, 2021

A 31-year-old Canadian man has been arrested and charged with fraud in connection with numerous ransomware attacks against businesses, government agencies and private citizens throughout Canada and the United States. Federal Bureau of Investigation (FBI) contacted them regarding ransomware attacks that were based in Canada.

Cybercrime

Cybercrime Ransomware Accountability Advertising

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Krebs on Security

JANUARY 30, 2024

authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. 12 blog post , the attackers used their access to Mailchimp employee accounts to steal data from 214 customers involved in cryptocurrency and finance.

Social Engineering

Social Engineering Mobile Cybercrime Passwords

White House, Congress Target Ransomware Payments

eSecurity Planet

OCTOBER 8, 2021

The surge in ransomware attacks in the last year have spurred attempts by government officials to bolster cybersecurity defenses, and those actions advanced on multiple fronts this week. Ransomware Fight Goes Global. Ransomware Fight Goes Global. New DOJ Ransomware Initiatives. In an op-ed piece published by CNBC, U.S.

Ransomware

Ransomware Cryptocurrency IoT Government

Security Affairs newsletter Round 454 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

JANUARY 13, 2024

Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

VPN

VPN Cybercrime Ransomware Hacking

Ten Years Later, New Clues in the Target Breach

Krebs on Security

DECEMBER 14, 2023

That reporting was based on clues from an early Russian cybercrime forum in which a hacker named Rescator — using the same profile image that Rescator was known to use on other forums — claimed to have originally been known as “Helkern,” the nickname chosen by the administrator of a cybercrime forum called Darklife.

Cybercrime

Cybercrime Accountability Advertising Computers and Electronics

FBI Seeking Info on BlackCat Ransomware

SecureWorld News

APRIL 21, 2022

While the fight against cybercrime can seem like an impossibly huge challenge to overcome—and if we're being honest, it really is—these victories over cybercriminals will continue to add up and make a difference in the long run. Technical details of BlackCat ransomware. est.bat – copies the ransomware to other locations.

Ransomware

Ransomware Cybercrime Malware Cryptocurrency

State of Cybercrime 2020: FBI Report

SecureWorld News

MARCH 22, 2021

The FBI notes that the Internet Crime Complaint Center (IC3) has been key to its mission to track cybercrimes. The IC3 "provides the public with a trustworthy source for information on cyber criminal activity," and also is a useful tool for victims to report a cybercrime. And this year's report highlights five "hot topics.".

Cybercrime

Cybercrime Scams Banking Accountability

REvil Ransomware member win the auction for KPot stealer source code

Security Affairs

NOVEMBER 4, 2020

The source code for the KPot information stealer was put up for auction and the REvil ransomware operators want to acquire it. The authors of KPot information stealer have put its source code up for auction , and the REvil ransomware operators will likely be the only group to bid. KPOT source code up for sale! Pierluigi Paganini.

Ransomware

Ransomware Malware Advertising Cybercrime

Hackers stole $80M worth of cryptocurrency from the Qubit DeFi platform

Security Affairs

JANUARY 31, 2022

Threat actors stole $80M worth of cryptocurrency from the Qubit DeFi platform by exploiting a flaw in the smart contract code used in an Ethereum bridge. The DeFi platform Qubit Finance was victim of a cyber heist, threat actors stole around $80 million in cryptocurrency last week. SecurityAffairs – hacking, REvil ransomware).

Cryptocurrency

Cryptocurrency Hacking Accountability Ransomware

Ransomware attack shuts down Colonial Pipeline fuel supply

Malwarebytes

MAY 10, 2021

Ransomware caused major trouble last week, as the famous Colonial Pipeline fell victim to a devastating cyber-attack. Ransomware brought everything to a standstill on Friday. As it happens, charities don’t want a bunch of stolen money circulating in their bank accounts. Presenting: the Colonial Pipeline. That’s where we are now.

Ransomware

Ransomware Cryptocurrency Banking Government

Cyberthreats to financial organizations in 2022

SecureList

NOVEMBER 23, 2021

The COVID-19 pandemic is likely to cause a massive wave of poverty, and that invariably translates into more people resorting to crime, including cybercrime. We should expect more fraud, targeting mostly BTC , because this cryptocurrency is the most popular. In April 2021, the Andariel group attempted to spread custom Ransomware.

Cryptocurrency

Cryptocurrency Banking Cybercrime Ransomware

DOJ recovers pipeline ransom, signals more aggressive approach to cybercrime

Malwarebytes

JUNE 8, 2021

The US Department of Justice announced Monday that it recovered much of the ransomware payment that Colonial Pipeline paid to free itself from the attack that derailed the oil and gas supplier’s operations for several days last month. We will continue to target the entire ransomware ecosystem to disrupt and deter these attacks.”.

Cybercrime

Cybercrime Ransomware Cryptocurrency Government

Organizations paid at least $602 million to ransomware gangs in 2021

Security Affairs

FEBRUARY 13, 2022

Organizations have paid more than $600 million in cryptocurrency during 2021, nearly one-third to the Conti ransomware gang. and Australia have published a joint advisory warning of an increased globalised threat of ransomware worldwide in 2021. Last week, cybersecurity agencies from the U.K., added the company. .”

Ransomware

Ransomware Cryptocurrency Cybercrime Malware

DarkGate malware campaign abuses Skype and Teams

Security Affairs

OCTOBER 16, 2023

The researchers speculate the originating accounts of the instant messaging applications were compromised through the leaked credentials available on cybercrime forums. The message sent to the victims from a compromised Skype account contains a VBS script with a filename following the following format: <filename.pdf> www.skype[.]vbs.

Malware

Malware Cryptocurrency Accountability Cybercrime

DarkSide Ransomware Gang Quits After Servers, Bitcoin Stash Seized

Disrupting Ransomware by Disrupting Bitcoin

Webinars

Trending Sources

The Link Between Ransomware and Cryptocurrency

Webinars

How Did Authorities Identify the Alleged Lockbit Boss?

FBI: Investment Scams Surpass BEC as Most Costly Cybercrime

BlackCat Ransomware Group Implodes After Apparent $22M Payment by Change Healthcare

Feds Seize LockBit Ransomware Websites, Offer Decryption Tools, Troll Affiliates

How Does One Get Hired by a Top Cybercrime Gang?

Who Wrote the ALPHV/BlackCat Ransomware Strain?

Incognito Darknet Market Mass-Extorts Buyers, Sellers

Justice Dept. Claws Back $2.3M Paid by Colonial Pipeline to Ransomware Gang

Estonian Tied to 13 Ransomware Attacks Gets 66 Months in Prison

Could curtailing cryptocurrency calm cyber crime wave?

Could curtailing cryptocurrency calm cyber crimewave?

Who’s Behind the GandCrab Ransomware?

The DPRK Is the NKOTB of Healthcare Ransomware

Who is Alleged Medibank Hacker Aleksandr Ermakov?

Ransomware money laundering operation disrupted, founder arrested

German police seized the darknet marketplace Nemesis Market

HIVE Ransomware Shut Down by International Law Enforcement

Threat Actors Merging Malicious Activity With Cryptocurrency Show How the Attack Landscape is Developing in Decentralized Finance

$10M Is Yours If You Can Get This Guy to Leave Russia

Happy 13th Birthday, KrebsOnSecurity!

U.S. Hacks QakBot, Quietly Removes Botnet Infections

U.S. Sanctions Russian National for Virtual Currency Money Laundering

Accused ‘Raccoon’ Malware Developer Fled Ukraine After Russian Invasion

FBI’s LockBit Takedown Postponed a Ticking Time Bomb in Fulton County, Ga.

Russian-speaking cybercrime evolution: What changed from 2016 to 2021

REvil Ransom Arrest, $6M Seizure, and $10M Reward

Security Affairs newsletter Round 469 by Pierluigi Paganini – INTERNATIONAL EDITION

Canada Charges Its “Most Prolific Cybercriminal”

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

White House, Congress Target Ransomware Payments

Security Affairs newsletter Round 454 by Pierluigi Paganini – INTERNATIONAL EDITION

Ten Years Later, New Clues in the Target Breach

FBI Seeking Info on BlackCat Ransomware

State of Cybercrime 2020: FBI Report

REvil Ransomware member win the auction for KPot stealer source code

Hackers stole $80M worth of cryptocurrency from the Qubit DeFi platform

Ransomware attack shuts down Colonial Pipeline fuel supply

Cyberthreats to financial organizations in 2022

DOJ recovers pipeline ransom, signals more aggressive approach to cybercrime

Organizations paid at least $602 million to ransomware gangs in 2021

DarkGate malware campaign abuses Skype and Teams

Stay Connected