Security Affairs

NOVEMBER 19, 2023

Phobos variants are usually distributed by the SmokeLoader , but in 8Base campaigns, it has the ransomware component embedded in its encrypted payloads. 8base” file extension for encrypted documents, a circumstance that suggested a possible link to the 8Base group or the use of the same code-base for their ransomware.

Ransomware 130

Ransomware Encryption Backups Manufacturing 130

Security Affairs

APRIL 28, 2019

The flaw exploited in the attacks, tracked as CVE-2019-3396 , is a server-side template injection vulnerability that resides in the Widget Connector macro in Confluence Server. Threat actors leverage the vulnerability to install denial of service (DDoS) malware and crypto-currency miners, and to remotely execute code.

DDOS 100

DDOS Malware Advertising Software 100

Krebs on Security

JUNE 16, 2021

First debuting in early 2019, CLOP is one of several ransomware groups that hack into organizations, launch ransomware that encrypts files and servers, and then demand an extortion payment in return for a digital key needed to unlock access. ? /.

Ransomware 317

Ransomware Cybercrime Malware Encryption 317

Security Affairs

OCTOBER 21, 2021

Evil Corp cybercrime gang is using a new ransomware called Macaw Locker to evade US sanctions that prevent victims from paying the ransom. The Macaw Locker ransomware encrypts victims’ files and append the .macaw macaw extension to the file name of the encrypted files. In 2019, the U.S.

Ransomware 125

Ransomware Cybercrime Banking Encryption 125

Security Affairs

DECEMBER 30, 2019

The United Nations on Friday have approved a Russian-sponsored and China-backed resolution to create a new convention on cybercrime. The United Nations on Friday has approved a Russian-sponsored and China-backed resolution to create a new convention on cybercrime. It will only serve to stifle global efforts to combat cybercrime.”

Cybercrime 66

Cybercrime Surveillance Spyware Government 66

Security Affairs

MAY 2, 2024

Vasinskyi is a REvil ransomware affiliate since at least March 1st, 2019. “Ransomware is malicious software designed to encrypt data on victim computers, allowing bad actors the ability to demand a ransom payment in exchange for the decryption key.” victims, and we are disrupting the broader cybercrime ecosystem.”

Ransomware 98

Ransomware Cryptocurrency Cybercrime Encryption 98

Krebs on Security

FEBRUARY 20, 2024

First surfacing in September 2019, the gang is estimated to have made hundreds of millions of U.S. LockBit operated as a ransomware-as-a-service group, wherein the ransomware gang takes care of everything from the bulletproof hosting and domains to the development and maintenance of the malware. An FBI wanted poster for Matveev.

Ransomware 270

Ransomware Cybercrime Encryption Insurance 270

Security Affairs

JULY 28, 2019

According to a report published by cyber security firm Sixgill data for over 23 million payment card were on offer in underground forums in the first half of 2019. . A report published by cybersecurity firm Sixgill revealed that data for over 23 million payment card were offered for sale in the cybercrime underground.

eCommerce 102

eCommerce Marketing Advertising Retail 102

Security Affairs

JULY 29, 2021

The Haron malware was first described by the South Korean security firm S2W Lab, three day after a first sample of the ransomware was uploaded to VirusTotal (July 19). The cybercrime group shut down its operations and provided the decryption keys to BleepingComputer website. “Haron ransomware was first discovered in July 2021.

Ransomware 138

Ransomware Cybercrime Encryption Architecture 138

Malwarebytes

MARCH 15, 2021

In addition, we tune in to a special presentation from Adam Kujawa about the 2021 State of Malware report , which analyzed the top cybercrime goals of 2020 amidst the global pandemic. After all, malware detections for both consumers and businesses decreased in 2020 compared to 2019. Other cybersecurity news.

Malware 59

Malware VPN Cybercrime Encryption 59

Security Affairs

JANUARY 6, 2023

The MegaCortex ransomware first appeared on the threat landscape in May 2019 when it was spotted by security experts at Sophos. The experts noticed that in MegaCortex attacks other malware like Emotet and Qbot (aka Qakbot) were present in the same network. For encryption with MegaCortex V1 (the encrypted files have the “.aes128ctr”

Ransomware 98

Ransomware Antivirus Encryption Backups 98

Security Affairs

JANUARY 5, 2020

DeathRansom was considered fake ransomware due to the fact that it did not implement an effective encryption process, but now things are changing. DeathRansom is a ransomware family that was initially classified as a joke because it did not implement an effective encryption scheme. ” continues the report. .

Encryption 71

Encryption Ransomware Malware Scams 71

Webroot

SEPTEMBER 7, 2023

Cybercrime is on the rise. Depending on the size of the business, one-third to two-thirds of businesses suffer malware attacks in any given year. billion to data breaches and cybercrime. billion to data breaches and cybercrime. And those attacks are costing companies a lot of money. In 2022, American businesses lost $10.3

Encryption 88

Encryption Cyber Insurance Cybercrime Phishing 88

Krebs on Security

SEPTEMBER 30, 2023

GandCrab dissolved in July 2019, and is thought to have become “ REvil ,” one of the most ruthless and rapacious Russian ransomware groups of all time. In April 2020, Truniger was banned from two of the top Russian cybercrime forums, where members from both forums confirmed that Semen7907 was one of Truniger’s known aliases.

Ransomware 215

Ransomware Accountability Cybercrime Backups 215

Security Affairs

DECEMBER 27, 2021

The attackers first create a user in the administrator group, then use it to encrypt the content of the NAS. “It is important to note that there is a free decryptor for files locked with an older version (before July 17th, 2019) of eCh0raix ransomware. . TXTT” extension. 024 ($1,200) up to.06 06 bitcoins ($3,000). and 1.0.6).”

Ransomware 131

Ransomware Encryption Manufacturing Hacking 131

Security Affairs

OCTOBER 3, 2023

Like all ransomware, this is a type of malware that, once introduced into an organization, encrypts the data and then requires the victim to pay a ransom in order to decrypt it. Encrypted file structure ransomware BlackCat / ALPHV: [ORIGINAL_FILENAME].[ORIGINAL_extension].specific/different Black The LockBit 3.0

Ransomware 124

Ransomware Encryption Technology Backups 124

Security Affairs

NOVEMBER 1, 2020

The Maze ransomware operators are shutting down their operations for more than one year the appeared on the threat landscape in May 2019. The Maze cybercrime gang is shutting down its operations, it was considered one of the most prominent and active ransomware crew since it began operating in May 2019.

Ransomware 145

Ransomware Cybercrime Advertising Software 145

Security Affairs

JANUARY 28, 2023

The recent Hive infrastructure takedown as well as other major gangs dissolution such as Conti in 2022, is making room in the cybercrime business The Lockbit locker leaked a few months ago in the underground, is increasing its popularity and adoption among micro-criminal actors.

Penetration Testing 96

Penetration Testing Ransomware Firewall Social Engineering 96

Security Affairs

NOVEMBER 4, 2020

billion in revenue for 2019. “On July 28, 2020, Mattel discovered that it was the victim of a ransomware attack on its information technology systems that caused data on a number of systems to be encrypted. . SecurityAffairs – hacking, malware). The good news that the company excluded the theft of internal information.

Ransomware 120

Ransomware Retail Advertising Malware 120

Security Affairs

JANUARY 18, 2022

Europol this week announced the shutdown of VPNLab, a VPN service that is very popular in the cybercrime ecosystem. An international operation conducted by law enforcement bodies from 10 countries took down VPNLab.net, a VPN service provider that is very popular in the cybercrime ecosystem.

VPN 92

VPN Cybercrime Ransomware Advertising 92

Krebs on Security

JANUARY 28, 2020

In late December 2019, fuel and convenience store chain Wawa Inc. The fraud bazaar Joker’s Stash on Monday began selling some 30 million stolen payment card accounts that experts say have been tied back to a breach at Wawa in 2019. Pennsylvania-based Wawa says it discovered the intrusion on Dec.

Retail 306

Retail Banking Malware Accountability 306

Security Affairs

MARCH 29, 2020

The CrySis ransomware was first spotted in by experts at ESET, the malware has infected systems, mostly in Russia, Japan, South and North Korea, and Brazil. ” reads the post published by “This, in turn, would result in the broader proliferation among multiple cybercrime groups, and an eventual surge in attacks.”

Ransomware 116

Ransomware Hacking Advertising Malware 116

Security Affairs

JUNE 22, 2023

The malware also contains a function that ensures only one instance of this malware runs on the same device. ” The researchers pointed out that the Mirai variant like IZ1H9 and V3G4 will first initialize an encrypted string table and then retrieve the strings through an index. .”

IoT 94

IoT Malware Encryption DDOS 94

Malwarebytes

MAY 11, 2021

Both the Australian Cyber Security Centre (ACSC) and the US Federal Bureau of Investigation (FBI) have issued warnings about an ongoing cybercrime campaign that is using Avaddon ransomware. In a separate advisory (pdf) , the ACSC says it is also aware of an ongoing ransomware campaign using the Avaddon Ransomware malware.

Ransomware 109

Ransomware VPN Encryption Cybercrime 109

SecureList

APRIL 7, 2022

One of the biggest differences from other ransomware actors is that BlackCat malware is written in Rust, which is unusual for malware developers. The group attempted to deploy the malware extensively within organizations in December 2021 and January 2022. The group is also known as BlackCat.

Encryption 101

Encryption Ransomware Malware Passwords 101

Security Affairs

AUGUST 3, 2020

He had no previous criminal records at the time of the arrest, but it is known to be a member of a cybercrime forum to become an affiliate for the GandCrab ransomware operation. He allegedly subscribed the GandCrab ransomware-as-a-service to create his own version of the malware and spread it running a spam campaign.

Ransomware 127

Ransomware Advertising Malware Hacking 127

SiteLock

AUGUST 27, 2021

In fact, the World Economic Forum (WEF) projects that by 2021: Global cybercrime costs could total approximately $6 trillion in the US. If cybercrime were a country, it would have the third largest economy in the world. Clearly, cybercrime is big business, and it operates like one. How big is the impact of cybercrime?

Cybersecurity 98

Cybersecurity Cybercrime DDOS Malware 98

Security Affairs

DECEMBER 10, 2021

In addition to the encryption of data and subsequent impact to organisations’ ability to operate as usual, victims have had data stolen during incidents published by the ransomware actors, including Personally Identifiable Information (PII).” This activity has happened across multiple sectors.

Ransomware 100

Ransomware Cybercrime Encryption Malware 100

Security Affairs

JANUARY 28, 2022

The company did not reveal details about the attack or the malware family that infected its systems. According to CTWANT , which cited an undisclosed information security company, Delta Electronics was hit by Conti ransomware that asked Delta to pay a $15 million ransom to restore encrypted files and avoid their leak.

Computers and Electronics 98

Computers and Electronics Ransomware Manufacturing Malware 98

Security Affairs

MARCH 3, 2020

Nemty ransomware first appeared on the threat landscape in August 2019, the name of the malware comes after the extension it adds to the encrypted file names. The ransomware deletes shadow copies of encrypted files to make in impossible any recovery procedure. they also announced a working tool for version 1.5.

Ransomware 107

Ransomware Advertising Encryption Malware 107

Security Affairs

APRIL 5, 2019

A few days ago, the researchers of ZLab Yoroi-Cybaze dissected another attack wave of the infamous Ursnif malware, also known as Gozi ISFB , an offspring of the original Gozi which source code was leaked in 2014. Ursnif/Gozi is active from over a decade and was one of the most active malware listed in 2017 and 2018.

Banking 90

Banking Malware Cryptocurrency Advertising 90

Security Affairs

JULY 15, 2019

Cybercrime gang tracked as TA505 has been active since 2014 and focusing on Retail and Banking industries. The group that is known for the distribution of the Dridex Trojan and the Locky ransomware , has released other pieces of malware including the tRat backdoor and the AndroMut downloader. . . ” continues the analysis.

Ransomware 74

Ransomware Encryption Advertising Malware 74

Security Affairs

APRIL 18, 2021

The Carbanak gang (aka FIN7 , Anunak or Cobalt ) stole over a billion euros from banks across the world, the name “Carbanak” comes with the name of the malware they used to compromise computers at banks, other financial institutions, restaurants, and other industries. ” reads the press release published by DoJ.

System Administration 123

System Administration Penetration Testing Malware Banking 123

Security Affairs

DECEMBER 19, 2019

The victims of the Maze Ransomware now face another threat because operators behind the malware could become publish their data online. The victims of the Maze Ransomware are facing another risk, after having their data encrypted now crooks are threatening to publish their data online. SecurityAffairs – Maze ransomware, cybercrime).

Ransomware 78

Ransomware Cybercrime Advertising Malware 78

Security Affairs

MARCH 19, 2020

” According to the experts, the first infections were observed in late 2019, victims reported their files were encrypted by a strain of malware. locked to the filename of the encrypted files. “On one of the compromised information systems, experts found encrypted files with the extension “ newversion.”

Government 114

Government Ransomware Encryption Penetration Testing 114

The Last Watchdog

JUNE 21, 2020

Although most people think of ransomware as a dodgy application that encrypts data and holds it for ransom, the concept is much more heterogeneous than that. File encryption 2013 – 2015. It emerged in September 2013 and paved the way for hundreds of file-encrypting menaces that have splashed onto the scene ever since.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

Security Affairs

DECEMBER 24, 2019

“Since January 2019, LockerGoga ransomware has targeted large corporations and organizations in the United States, United Kingdom, France, Norway, and the Netherlands. Feds remind that both ransomware implements a secure encryption algorithm that means it impossible to decrypt the files without paying the ransom.

Ransomware 66

Ransomware Backups Encryption Cyber Attacks 66