Security Affairs

NOVEMBER 19, 2023

8Base ransomware operators were observed using a variant of the Phobos ransomware in a recent wave of attacks. Cisco Talos researchers observed 8Base ransomware operators using a variant of the Phobos ransomware in recent attacks. The ransomware component is then decrypted and loaded into the SmokeLoader process’ memory.

Ransomware 127

Ransomware Encryption Backups Manufacturing 127

Security Affairs

OCTOBER 20, 2023

A joint international law enforcement investigation led to the arrest of a malware developer who was involved in the Ragnar Locker ransomware operation. Yesterday we became aware of a joint law enforcement operation that led to the seizure of the Ragnar Locker ransomware’s infrastructure.

Ransomware 94

Ransomware Cybercrime Malware Hacking 94

Security Affairs

OCTOBER 27, 2021

Grief ransomware operators claim to have compromised computer systems at US National Rifle Association (NRA) and added it to their leak site. Grief ransomware operators announced to have hacked US National Rifle Association (NRA) and threaten to leak the stolen data. In 2019, the U.S. Pierluigi Paganini.

Ransomware 121

Ransomware Banking Cybercrime Hacking 121

Security Affairs

JUNE 30, 2022

A former Canadian government IT worker admitted to being a high-level member of the Russian cybercrime group NetWalker. to charges related to his involvement with the Russian cybercrime group NetWalker. and EU law enforcement authorities allowed the seizure of the leak sites used by NetWalker ransomware operators.

Cybercrime 88

Cybercrime Government Ransomware Cryptocurrency 88

Security Affairs

MAY 2, 2024

The Ukrainian national, Yaroslav Vasinskyi (24), aka Rabotnik, has been sentenced to more than 13 years in prison and must pay $16 million in restitution for conducting numerous ransomware attacks and extorting victims. Vasinskyi is a REvil ransomware affiliate since at least March 1st, 2019. in March 2022. million in U.S.

Ransomware 91

Ransomware Cryptocurrency Cybercrime Encryption 91

Security Affairs

NOVEMBER 8, 2021

Operation Cyclone – Six alleged affiliates with the Clop ransomware operation were arrested in an international joint law enforcement operation led by Interpol. Clop ransomware gang has been active since February 2019, it targeted many organizations and universities over the years. Pierluigi Paganini.

Ransomware 124

Ransomware Cybercrime Malware Hacking 124

Security Affairs

OCTOBER 21, 2021

Evil Corp cybercrime gang is using a new ransomware called Macaw Locker to evade US sanctions that prevent victims from paying the ransom. Evil Corp has launched a new ransomware called Macaw Locker to evade US sanctions that prevent victims from making ransom payments. In 2019, the U.S. Pierluigi Paganini.

Ransomware 118

Ransomware Cybercrime Banking Encryption 118

Security Affairs

JUNE 17, 2021

UNC2465 cybercrime group that is affiliated with the Darkside ransomware gang has infected with malware the website of a CCTV camera vendor. An affiliate of the Darkside ransomware gang , tracked as UNC2465, has conducted a supply chain attack against a CCTV vendor, Mandiant researchers discovered. Pierluigi Paganini.

Cybercrime 105

Cybercrime Ransomware Antivirus Software 105

Security Affairs

DECEMBER 15, 2023

The Snatch ransomware group announced it had hacked the food giant Kraft Heinz, the company is investigating the claims. The Snatch ransomware group claims to have hacked Kraft Heinz in August and on December 14, it added the company to the list of victims on its leak site. ” reads the alert.

Hacking 115

Hacking Ransomware Computers and Electronics Marketing 115

Security Affairs

AUGUST 11, 2020

Avaddon ransomware operators, like other cybercrime groups, decided to launch a data leak site where publish data of victims who refuse to pay a ransom demand. Avaddon ransomware operators announced the launch of their data leak site where they will publish the data stolen from the victims who do not pay a ransom demand.

Ransomware 116

Ransomware Advertising Cybercrime Hacking 116

Security Affairs

OCTOBER 29, 2020

FBI and the DHS’s CISA agencies published a joint alert to warn hospitals and healthcare providers of imminent ransomware attacks from Russia. The government agencies receive information about imminent attacks, threat actors are using the TrickBot botnet to deliver the infamous ransomware to the infected systems.

Healthcare 144

Healthcare Ransomware Cybercrime Advertising 144

Security Affairs

DECEMBER 17, 2021

The Conti ransomware gang is the first ransomware operation exploiting the Log4Shell vulnerability to target VMware vCenter Servers. Conti ransomware gang is the first professional race that leverages Log4Shell exploit to compromise VMware vCenter Server installs. ” reads the analysis published by AdvIntel. “A

Ransomware 128

Ransomware Energy and Utilities Cybercrime Malware 128

Security Affairs

OCTOBER 6, 2023

Hospitality and entertainment company MGM Resorts announced that the costs of the recent ransomware attack costs exceeded $110 million. In September the hospitality and entertainment company MGM Resorts was hit by a ransomware attack that shut down its systems at MGM Hotels and Casinos.

Ransomware 120

Ransomware Insurance Banking Hacking 120

Security Affairs

FEBRUARY 13, 2022

Organizations have paid more than $600 million in cryptocurrency during 2021, nearly one-third to the Conti ransomware gang. and Australia have published a joint advisory warning of an increased globalised threat of ransomware worldwide in 2021. Last week, cybersecurity agencies from the U.K., added the company. . added the company.

Ransomware 92

Ransomware Cryptocurrency Cybercrime Malware 92

Security Affairs

JANUARY 20, 2022

The central bank of the Republic of Indonesia, Bank Indonesia, confirmed the ransomware attack that hit it in December. Bank Indonesia confirmed that it was the victim of a ransomware attack that took place last month. The Conti ransomware gang claimed the attack and leaked some allegedly stolen files as proof of the security breach.

Banking 106

Banking Ransomware Cybercrime Malware 106

Security Affairs

JULY 18, 2021

BleepingComputer became aware that the recent wave of attacks targeting vulnerable SonicWall devices was carried out by HelloKitty ransomware operators. SonicWall this week has issued an urgent security alert to warn companies of “ an imminent ransomware campaing ” targeting some of its equipment that reached end-of-life (EoL).

Ransomware 118

Ransomware Firmware Mobile InfoSec 118

Security Affairs

JANUARY 6, 2023

Antivirus firm Bitdefender released a decryptor for the MegaCortex ransomware allowing its victims to restore their data for free. Antivirus firm Bitdefender released a decryptor for the MegaCortex ransomware , which can allow victims of the group to restore their data for free. SecurityAffairs – hacking, ransomware).

Ransomware 96

Ransomware Antivirus Encryption Backups 96

Security Affairs

DECEMBER 27, 2021

A new wave of ech0raix ransomware attacks is targeting QNAP network-attached storage (NAS) devices. The threat actors behind the ech0raix ransomware are targeting NAP network-attached storage (NAS) devices. ech0raix ransomware operators demand a ransom raising from.024 TXTT” extension. 024 ($1,200) up to.06 06 bitcoins ($3,000).

Ransomware 126

Ransomware Encryption Manufacturing Hacking 126

Security Affairs

MAY 22, 2021

Conti ransomware targeted over 400 organizations worldwide, 290 in the US, and at least 16 healthcare and first responder networks. The Federal Bureau of Investigation (FBI) revealed that the Conti ransomware gang has hit at least 16 healthcare and first responder organizations. SecurityAffairs – hacking, Conti Ransomware).

Ransomware 115

Ransomware Healthcare Cyber Attacks Cybercrime 115

Security Affairs

AUGUST 3, 2020

Last week, the Minister of Internal Affairs of Belarus announced the arrest of a 31-year-old man that is accused of distributing the infamous GandCrab ransomware. Last week, the Minister of Internal Affairs of Belarus announced the arrest of a man on charges of distributing the infamous GandCrab ransomware.

Ransomware 120

Ransomware Advertising Malware Hacking 120

Security Affairs

NOVEMBER 3, 2021

The BlackMatter ransomware gang announced it is going to shut down its operation due to pressure from law enforcement. The BlackMatter ransomware group has announced it is shutting down its operation due to the pressure from local authorities. We wish you all success, we were glad to work.

Ransomware 115

Ransomware Cybercrime Healthcare Encryption 115

Security Affairs

FEBRUARY 23, 2022

The code of the recently-emerged Entropy ransomware has similarities with the one of the infamous Dridex malware. The recently-emerged Entropy ransomware has code similarities with the popular Dridex malware. Experts from Sophos analyzed the code of Entropy ransomware employed in two distinct attacks. In 2019, the U.S.

Ransomware 97

Ransomware Malware Cybercrime Banking 97

Security Affairs

JUNE 16, 2021

Ukraine police arrested multiple individuals that are believed to be linked to the Clop ransomware gang as part of an international joint operation. At the time of this writing, the Ukrainian authorities did not disclose the number of Clop ransomware operators that have been arrested. SecurityAffairs – hacking, ransomware).

Ransomware 108

Ransomware Cybercrime Cryptocurrency Software 108

Security Affairs

OCTOBER 19, 2023

An international law enforcement operation shuts down the infrastructure of the Ragnar Locker ransomware operation. Law enforcement from the US, Europe, Germany, France, Italy, Japan, Spain, Netherlands, Czech Republic, and Latvia conducted a joint operation that led to the seizure of the Ragnar Locker ransomware’s infrastructure.

Ransomware 108

Ransomware Financial Services Cybercrime Manufacturing 108

Security Affairs

DECEMBER 10, 2021

The Australian Cyber Security Centre (ACSC) warns of Conti ransomware attacks again multiple Australian organizations. The Australian Cyber Security Centre (ACSC) warns of Conti ransomware attacks against multiple Australian organizations from various sectors since November. ” reads the ransomware profile.

Ransomware 94

Ransomware Cybercrime Encryption Malware 94

Security Affairs

OCTOBER 20, 2020

The Nefilim ransomware operators have posted a long list of files that appear to belong to Italian eyewear and eyecare giant Luxottica. billion in revenue for 2019. Security experts believe that threat actor exploited the above flaw to infect the systems at the company with ransomware. Luxottica Group S.p.A.

Ransomware 138

Ransomware Cyber Attacks Advertising Retail 138

Security Affairs

FEBRUARY 7, 2023

A new Linux variant of the Clop ransomware has been observed in the wild, the good news is that its encryption algorithm is flawed. SentinelLabs researchers have observed the first Linux variant of the Clop ransomware. The researchers observed the first ELF variant of the Clop ransomware targeting Linux systems on December 26, 2022.

Encryption 89

Encryption Ransomware Cybercrime Engineering 89

Krebs on Security

JANUARY 24, 2023

The plea comes just months after Emelyantsev was extradited from Bulgaria, where he told investigators, “America is looking for me because I have enormous information and they need it.” Denis Kloster, as posted to his Vkontakte page in 2019. “Thanks to you, we are now developing in the field of information security and anonymity!

Cybercrime 217

Cybercrime Advertising IoT Malware 217

Security Affairs

JANUARY 28, 2022

Delta Electronics, a Taiwanese contractor for multiple tech giants such as Apple, Dell, HP and Tesla, was hit by Conti ransomware. Taiwanese electronics manufacturing company Delta Electronics was hit by the Conti ransomware that took place this week. ” reported a statement from the security company cited by CTWANT.

Computers and Electronics 92

Computers and Electronics Ransomware Manufacturing Malware 92

The Last Watchdog

JUNE 21, 2020

Ransomware is undoubtedly one of the most unnerving phenomena in the cyber threat landscape. Numerous strains of this destructive code have been the front-page news in global computer security chronicles for almost a decade now, with jaw-dropping ups and dramatic downs accompanying its progress. inch diskettes. inch diskettes.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

Security Affairs

FEBRUARY 8, 2023

to money laundering charges linked to the Ryuk ransomware operation. to one count of conspiracy to commit money laundering for the Ryuk ransomware operation. “Specifically, Dubnikov and his accomplices laundered ransom payments extracted from victims of Ryuk ransomware attacks.” ” reads the press release.

Ransomware 86

Ransomware Hacking Cybercrime Information Security 86

Security Affairs

MARCH 14, 2023

Cyber security researcher Luca Mella analyzed the Makop ransomware employed in a recent intrusion. Executive summary Insights from a recent intrusion authored by Makop ransomware operators show persistence capability through dedicated.NET tools. Advanced_Port_Scanner_2.5.3869.exe

Ransomware 85

Ransomware Software System Administration Encryption 85

Security Affairs

NOVEMBER 8, 2021

The US DoJ has charged a REvil ransomware affiliate that is suspected to have orchestrated the attack on Kaseya MSP platform in July. The US Department of Justice has charged a REvil ransomware affiliate for orchestrating the ransomware attacks on Kaseya MSP platform that took place in July 4. US DoJ also seized $6.1

Ransomware 124

Ransomware Government Hacking Technology 124

Security Affairs

MARCH 29, 2020

The source code of the infamous Dharma ransomware is now available for sale on two Russian-language hacking forums. The source code of one of the most profitable ransomware families, the Dharma ransomware , is up for sale on two Russian-language hacking forums. SecurityAffairs – Dharma ransomware, malware).

Ransomware 111

Ransomware Hacking Advertising Malware 111

Security Affairs

MARCH 17, 2020

Most of the ransomware attacks targeting the enterprises occur outside working hours, during the nighttime or during the weekend. Security experts from FireEye published an interesting report on the Ransomware deployment trends, it revealed that most of the attacks (76%) against the enterprise sector occur outside working hours.

Ransomware 113

Ransomware Advertising Malware Cybercrime 113

Security Affairs

MAY 16, 2021

Ireland Health Service Executive (HSE) refuses to pay a $20 million ransom demand after its systems were hit by the Conti ransomware gang. Ireland’s Health Service Executive that was forced to shut down its IT systems on Friday after being targeted with a significant ransomware attack. ” reported BleepingComputer.

Ransomware 115

Ransomware IoT Cybercrime Media 115

Security Affairs

OCTOBER 18, 2020

The financially-motivated hacker group FIN11 has started spreading ransomware to monetize its cyber criminal activities. The financially-motivated hacker group FIN11 has switched tactics starting using ransomware as the main monetization method. ” reads the analysis published by FireEye.

Ransomware 131

Ransomware Malware Telecommunications Advertising 131