Security Affairs

MARCH 29, 2020

The source code of the infamous Dharma ransomware is now available for sale on two Russian-language hacking forums. The source code of one of the most profitable ransomware families, the Dharma ransomware , is up for sale on two Russian-language hacking forums. ” concluded ZDNet. Pierluigi Paganini.

Ransomware 111

Ransomware Hacking Advertising Malware 111

Security Affairs

JULY 29, 2021

The cybercrime group shut down its operations and provided the decryption keys to BleepingComputer website. The group has also shut down its servers and deleted profiles on hacking forums, they also shut down their leak site. When infected with this ransomware, the extension of the encrypted file is changed to the victim’s name.

Ransomware 138

Ransomware Cybercrime Encryption Architecture 138

Security Affairs

NOVEMBER 19, 2023

Phobos variants are usually distributed by the SmokeLoader , but in 8Base campaigns, it has the ransomware component embedded in its encrypted payloads. 8base” file extension for encrypted documents, a circumstance that suggested a possible link to the 8Base group or the use of the same code-base for their ransomware.

Ransomware 128

Ransomware Encryption Backups Manufacturing 128

Krebs on Security

FEBRUARY 10, 2020

Justice Department today unsealed indictments against four Chinese officers of the People’s Liberation Army (PLA) accused of perpetrating the 2017 hack against consumer credit bureau Equifax that led to the theft of personal data on nearly 150 million Americans. in 2019 , according to data from S&P Global Market Intelligence.

Hacking 241

Hacking Identity Theft Government Phishing 241

Krebs on Security

JUNE 16, 2021

First debuting in early 2019, CLOP is one of several ransomware groups that hack into organizations, launch ransomware that encrypts files and servers, and then demand an extortion payment in return for a digital key needed to unlock access. ? /.

Ransomware 316

Ransomware Cybercrime Malware Encryption 316

Security Affairs

FEBRUARY 24, 2020

Racoon malware , Legion, Mohazo, and Racealer, is an infostealer that recently appeared in the threat landscape that is advertised in hacking forums. The Raccoon stealer was first spotted in April 2019, it was designed to steal victims’ credit card data, email credentials, cryptocurrency wallets, and other sensitive data.

Cybercrime 91

Cybercrime Malware Cryptocurrency Advertising 91

Security Affairs

JULY 28, 2019

According to a report published by cyber security firm Sixgill data for over 23 million payment card were on offer in underground forums in the first half of 2019. . A report published by cybersecurity firm Sixgill revealed that data for over 23 million payment card were offered for sale in the cybercrime underground.

eCommerce 97

eCommerce Marketing Advertising Retail 97

Security Affairs

NOVEMBER 1, 2020

The Maze ransomware operators are shutting down their operations for more than one year the appeared on the threat landscape in May 2019. The Maze cybercrime gang is shutting down its operations, it was considered one of the most prominent and active ransomware crew since it began operating in May 2019. Pierluigi Paganini.

Ransomware 143

Ransomware Cybercrime Advertising Software 143

Security Affairs

JANUARY 6, 2023

The MegaCortex ransomware first appeared on the threat landscape in May 2019 when it was spotted by security experts at Sophos. Since November 2019, MegaCortex operators started adopting double extortion tactics. The decryptor also supports the “Scan Entire System” mode which allows users to search for all encrypted files.

Ransomware 96

Ransomware Antivirus Encryption Backups 96

Spinone

DECEMBER 24, 2018

Cyber hacking is a billion-dollar industry and will only get larger. According to Juniper Research , cybercrime is estimated to become a $2.1 trillion dollar issue by 2019. This is why you need to install one of the below encrypted messaging apps and encrypted calling apps. Read on to learn more.

Encryption 61

Encryption Mobile Computers and Electronics Government 61

Security Affairs

DECEMBER 27, 2021

At this time, it is not clear how threat actors compromised the QNAP devices, some users claim that attackers exploited a flaw in the Photo Station software to hack them. The attackers first create a user in the administrator group, then use it to encrypt the content of the NAS. SecurityAffairs – hacking, ech0raix). and 1.0.6).”

Ransomware 127

Ransomware Encryption Manufacturing Hacking 127

Security Affairs

OCTOBER 3, 2023

Like all ransomware, this is a type of malware that, once introduced into an organization, encrypts the data and then requires the victim to pay a ransom in order to decrypt it. Encrypted file structure ransomware BlackCat / ALPHV: [ORIGINAL_FILENAME].[ORIGINAL_extension].specific/different Black The LockBit 3.0 ORIGINAL_extension].specific/different

Ransomware 123

Ransomware Encryption Technology Backups 123

Security Affairs

JANUARY 18, 2022

Europol this week announced the shutdown of VPNLab, a VPN service that is very popular in the cybercrime ecosystem. An international operation conducted by law enforcement bodies from 10 countries took down VPNLab.net, a VPN service provider that is very popular in the cybercrime ecosystem. SecurityAffairs – hacking, VPNLab).

VPN 85

VPN Cybercrime Ransomware Advertising 85

Krebs on Security

SEPTEMBER 30, 2023

GandCrab dissolved in July 2019, and is thought to have become “ REvil ,” one of the most ruthless and rapacious Russian ransomware groups of all time. In April 2020, Truniger was banned from two of the top Russian cybercrime forums, where members from both forums confirmed that Semen7907 was one of Truniger’s known aliases.

Ransomware 214

Ransomware Accountability Cybercrime Backups 214

Security Affairs

FEBRUARY 23, 2022

In a first stage it allocates the memory space where to copy the encrypted data and whose content is executed by the packer. Then, in the second stage the packer decrypts the code into another portion of the same memory allocation where it stored the encrypted data, and then transfers the execution to this second layer.

Ransomware 98

Ransomware Malware Cybercrime Banking 98

Security Affairs

JANUARY 5, 2020

DeathRansom was considered fake ransomware due to the fact that it did not implement an effective encryption process, but now things are changing. DeathRansom is a ransomware family that was initially classified as a joke because it did not implement an effective encryption scheme. Pierluigi Paganini.

Encryption 65

Encryption Ransomware Malware Scams 65

Security Affairs

DECEMBER 10, 2021

In addition to the encryption of data and subsequent impact to organisations’ ability to operate as usual, victims have had data stolen during incidents published by the ransomware actors, including Personally Identifiable Information (PII).” SecurityAffairs – hacking, Conti). This activity has happened across multiple sectors.

Ransomware 94

Ransomware Cybercrime Encryption Malware 94

Security Affairs

AUGUST 3, 2020

He had no previous criminal records at the time of the arrest, but it is known to be a member of a cybercrime forum to become an affiliate for the GandCrab ransomware operation. ransom amount, individual bots and encryption masks). Close of GandCrab Ransomware : 1-6-2019. million dollars per week.

Ransomware 120

Ransomware Advertising Malware Hacking 120

Security Affairs

APRIL 27, 2020

The cybercrime gang also apologized for the damages they have caused their victims. Unlike other ransomware strains that don’t encrypt victims in Russia and other CIS countries, Shade also targets computers in Russia and Ukraine. In fact, we stopped its distribution in the end of 2019. Pierluigi Paganini.

Ransomware 122

Ransomware Advertising Antivirus Education 122

Security Affairs

NOVEMBER 4, 2020

billion in revenue for 2019. “On July 28, 2020, Mattel discovered that it was the victim of a ransomware attack on its information technology systems that caused data on a number of systems to be encrypted. . SecurityAffairs – hacking, malware). The good news that the company excluded the theft of internal information.

Ransomware 114

Ransomware Retail Advertising Malware 114

Security Affairs

JANUARY 6, 2023

. “The attack is similar to the one in the summer of 2019, when four other hospitals in Romania were targeted. “The hackers entered the system and encrypted the December database. In 2019 other four hospitals in Romania suffered ransomware attacks that were attributed to the PHOBOS extortion group.

Ransomware 85

Ransomware Antivirus Media Encryption 85

Security Affairs

AUGUST 10, 2021

The eCh0raix ransomware has been active since at least 2019, when eExperts from security firms Intezer and Anomali separately discovered sample of the ransomware targeting Network Attached Storage (NAS) devices. The malicious code appends.encrypt extension to filenames of encrypted files. SecurityAffairs – hacking, NAS).

Ransomware 129

Ransomware Encryption Firmware Passwords 129

Security Affairs

JANUARY 28, 2023

The recent Hive infrastructure takedown as well as other major gangs dissolution such as Conti in 2022, is making room in the cybercrime business The Lockbit locker leaked a few months ago in the underground, is increasing its popularity and adoption among micro-criminal actors.

Penetration Testing 92

Penetration Testing Ransomware Firewall Social Engineering 92

Security Affairs

MARCH 3, 2020

Nemty ransomware first appeared on the threat landscape in August 2019, the name of the malware comes after the extension it adds to the encrypted file names. The ransomware deletes shadow copies of encrypted files to make in impossible any recovery procedure. SecurityAffairs – hacking, Nemty ransom w are ).

Ransomware 104

Ransomware Advertising Encryption Malware 104

Security Affairs

NOVEMBER 3, 2021

The decision of the gang comes after the recent announcement of closer collaboration of US and Russian authorities in curbing cybercriminal organizations based in Russia, such as the FIN7 cybercrime gang. The list of victims of the group also includes Norwegian giant Norsk Hydr that was hit in 2019. Pierluigi Paganini.

Ransomware 115

Ransomware Cybercrime Healthcare Encryption 115

Security Affairs

APRIL 18, 2021

CARBANAK cybercrime gang was first uncovered in 2014 by Kaspersky Lab that dated its activity back to 2013 when the group leveraged the Anunak malware in targeted attacks on financial institutions and ATM networks. Hladyr also controlled the organization’s encrypted channels of communication.” SecurityAffairs – hacking, FIN7).

System Administration 119

System Administration Penetration Testing Malware Banking 119

Malwarebytes

MARCH 15, 2021

In addition, we tune in to a special presentation from Adam Kujawa about the 2021 State of Malware report , which analyzed the top cybercrime goals of 2020 amidst the global pandemic. After all, malware detections for both consumers and businesses decreased in 2020 compared to 2019. That sounds like good news, but it wasn’t.

Malware 57

Malware VPN Cybercrime Encryption 57

Security Affairs

JUNE 22, 2023

” The researchers pointed out that the Mirai variant like IZ1H9 and V3G4 will first initialize an encrypted string table and then retrieve the strings through an index. Since March 2023, researchers at Palo Alto Networks Unit 42 have observed a new variant of the Mirai botnet targeting multiple vulnerabilities in popular IoT devices.

IoT 89

IoT Malware Encryption DDOS 89

Security Affairs

AUGUST 4, 2020

NetWalker ransomware operators continue to be very active, according to McAfee the cybercrime gang has earned more than $25 million since March 2020. The malware has been active at least since August 2019, over the months the NetWalker ransomware was made available through a ransomware-as-a-service (RaaS) model attracting criminal affiliates.

Ransomware 97

Ransomware VPN Cybercrime Advertising 97

Security Affairs

MAY 1, 2020

Maze Ransomware operators claim to have hacked the network of the state-owned Bank of Costa Rica Banco BCR and to have stolen internal data, including 11 million credit card credentials. SecurityAffairs – Banco BCR, hacking). According to Maze, the bank’s network remained unsecured at least since February 2020.

Ransomware 136

Ransomware Banking Cyber Insurance Advertising 136

Security Affairs

SEPTEMBER 22, 2021

In typical Conti ransomware attacks, malicious cyber actors steal files, encrypt servers and workstations, and demand a ransom payment.” Experts speculate the operators are members of a Russia-based cybercrime group known as Wizard Spider. SecurityAffairs – hacking, ransomware). and international organizations.

Ransomware 100

Ransomware Cybercrime Authentication Healthcare 100

Security Affairs

JANUARY 28, 2022

According to CTWANT , which cited an undisclosed information security company, Delta Electronics was hit by Conti ransomware that asked Delta to pay a $15 million ransom to restore encrypted files and avoid their leak. Of the 65,000 computers in Delta’s network, about 1,500 servers and about 12,000 computers are encrypted.”

Computers and Electronics 92

Computers and Electronics Ransomware Manufacturing Malware 92

Security Affairs

JULY 4, 2020

A joint operation conducted by European police arrested hundreds of criminals after that agents infiltrated into EncroChat encrypted chat network. The police infiltrated into a global network of an encrypted chatting app that was used by criminals involved in drug dealing, money laundering, extortions, and even murders.

Encryption 105

Encryption Hacking Software Cybercrime 105

Security Affairs

MAY 19, 2021

Conti ransomware also breached the network of Ireland’s Department of Health (DoH) but the ransomware failed to encrypt the systems. In a separate attack, the ransomware gang also breached the network of the country’s Department of Health (DoH) but failed to encrypt the systems of the organization. Pierluigi Paganini.

Ransomware 88

Ransomware Encryption Malware Government 88

Security Affairs

DECEMBER 24, 2019

“Since January 2019, LockerGoga ransomware has targeted large corporations and organizations in the United States, United Kingdom, France, Norway, and the Netherlands. Feds remind that both ransomware implements a secure encryption algorithm that means it impossible to decrypt the files without paying the ransom.

Ransomware 62

Ransomware Backups Encryption Cyber Attacks 62

Security Affairs

MARCH 1, 2020

FireEye Mandiant M-Trends 2020 report: 500+ new Malware strains in 2019. Raccoon Malware, a success case in the cybercrime ecosystem. Hacking campaign targets sites running popular Duplicator WordPress plugin. Kr00k Wi-Fi Encryption flaw affects more than a billion devices. SecurityAffairs – hacking, newsletter).

Banking 91

Banking Malware Advertising Ransomware 91

Security Affairs

OCTOBER 24, 2020

The ransomware encrypted files and renamed their filenames by adding the “ easy2lock” extension, this extension was previously associated with recent WastedLocker ransomware infections. This group has been active since at least 2007, in December 2019, the U.S. SecurityAffairs – hacking, WastedLocker).

Ransomware 89

Ransomware Telecommunications Banking Advertising 89