Krebs on Security

NOVEMBER 14, 2024

Shefel claims the true mastermind behind the Target and other retail breaches was Dmitri Golubov , an infamous Ukrainian hacker known as the co-founder of Carderplanet, among the earliest Russian-language cybercrime forums focused on payment card fraud. “I’m also godfather of his second son.”

Advertising 274

Advertising Retail Cryptocurrency Cybercrime 274

Schneier on Security

JANUARY 31, 2023

Chainalysis reports that worldwide ransomware payments were down in 2022. Ransomware attackers extorted at least $456.8 million from victims in 2022, down from $765.6 When we published last year’s version of this report, for example, we had only identified $602 million in ransomware payments in 2021.

Ransomware 330

Ransomware Cryptocurrency Cybercrime 330

Joseph Steinberg

JUNE 9, 2022

The Tenafly, New Jersey, Public School District has canceled final exams for its high school students after a ransomware cyberattack crippled the district’s computer infrastructure. The ransomware attack on Tenafly’s school system is a reminder of a sad, ironic, reality.

Ransomware 363

Ransomware Artificial Intelligence Cybercrime Education 363

Security Affairs

OCTOBER 27, 2024

Russian authorities sentenced four members of the REvil ransomware operation to several years in prison in Russia. Four former members of the REvil ransomware group were sentenced in Russia for hacking and money laundering, marking a rare case of Russian gang members being convicted in the country. in March 2022.

Ransomware 143

Ransomware Hacking Malware Cybercrime 143

Security Affairs

FEBRUARY 1, 2025

Indian multinational technology company Tata Technologies suspended some IT services following a ransomware attack. Indian multinational Tata Technologies , a Tata Motors subsidiary, suspended some IT services following a ransomware attack. A few days later, the ransomware gang Hive leaked the alleged stolen files on its Tor leak site.

Technology 119

Technology Ransomware Engineering Manufacturing 119

Krebs on Security

JANUARY 28, 2022

In December 2021, researchers discovered a new ransomware-as-a-service named ALPHV (a.k.a. “ BlackCat “), considered to be the first professional cybercrime group to create and use a ransomware strain written in the Rust programming language. Image: Varonis. ” Meanwhile, the U.S. I AM DUCKERMAN.

Ransomware 338

Ransomware Accountability Cybercrime Malware 338

Krebs on Security

DECEMBER 11, 2024

A financial firm registered in Canada has emerged as the payment processor for dozens of Russian cryptocurrency exchanges and websites hawking cybercrime services aimed at Russian-speaking customers, new research finds. wtf, and PQHosting ; -sites selling aged email, financial, or social media accounts, such as verif[.]work com and rdp[.]monster;

Cryptocurrency 288

Cryptocurrency Banking Cybercrime Advertising 288

Tech Republic Security

MAY 16, 2022

Ransomware is probably the type of cybercrime that has made headlines the most in 2021, and 2022 seems to follow that trend. Yet it is still evolving, and new ransomware seems more adaptive, resilient and more industrialized.

Ransomware 148

Ransomware Cybercrime 148

Security Affairs

NOVEMBER 29, 2024

Russian authorities arrested ransomware affiliate Mikhail Matveev, aka Wazawaka, for developing malware and ties to hacking groups. In May 2023, the US Justice Department charged Russian national Mikhail Pavlovich Matveev for his alleged role in multiple ransomware attacks. The Treasury Department sanctioned the ransomware actor.

Ransomware 120

Ransomware Healthcare Hacking Malware 120

Krebs on Security

FEBRUARY 20, 2024

authorities have seized the darknet websites run by LockBit , a prolific and destructive ransomware group that has claimed more than 2,000 victims worldwide and extorted over $120 million in payments. First surfacing in September 2019, the gang is estimated to have made hundreds of millions of U.S. Ivan Gennadievich Kondratyev , a.k.a.

Ransomware 331

Ransomware Cybercrime Encryption Insurance 331

The Last Watchdog

DECEMBER 16, 2021

In 2021, law enforcement continued making a tremendous effort to track down, capture and arrest ransomware operators, to take down ransomware infrastructure, and to claw back ransomware payments. These transformations for ransomware groups will become the source of new attacks. Related: The targeting of supply chains.

CISO 262

CISO Ransomware Risk Authentication 262

Krebs on Security

MARCH 1, 2022

A Ukrainian security researcher this week leaked several years of internal chat logs and other sensitive data tied to Conti , an aggressive and ruthless Russian cybercrime group that focuses on deploying its ransomware to companies with more than $100 million in annual revenue. “There will be panic. 428 hospitals.”

Ransomware 303

Ransomware Healthcare Cybercrime Government 303

Digital Shadows

OCTOBER 19, 2022

Ransomware activity decreased in the third quarter of 2022 (Q3 2022), as actors regrouped and refocused after a busy start. The post Ransomware In Q3 2022 first appeared on Digital Shadows.

Ransomware 141

Ransomware Cybercrime 141

Krebs on Security

NOVEMBER 21, 2024

In August 2022, multiple security firms gained access to the server that was receiving data from that Telegram bot, which on several occasions leaked the Telegram ID and handle of its developer, who used the nickname “ Joeleoli.” Click to enlarge. The group then used their access to Twilio to attack at least 163 of its customers.

Identity Theft 268

Identity Theft Phishing Cryptocurrency Accountability 268

SecureWorld News

MAY 14, 2025

The FBI's Internet Crime Complaint Center (IC3) has released its 2024 Internet Crime Report, marking a record-breaking year in cybercrime. Critical infrastructure under siege: The healthcare and public health sector was the most targeted by ransomware attackers in 2023. Since 2022, the U.S. billion in losses.

Cybercrime 72

Cybercrime Scams Cryptocurrency Internet 72

Security Affairs

MARCH 2, 2025

The Qilin ransomware group claims responsibility for attacking the newspaper Lee Enterprises, stealing 350GB of data. The Qilin ransomware group claimed responsibility for the recent cyberattack on Lee Enterprises, which impacted dozens of local newspapers. Lee Enterprises , Inc. is a publicly traded American media company.

Ransomware 80

Ransomware Encryption Cybercrime Healthcare 80

Security Affairs

JUNE 12, 2022

Ransomware gangs are actively exploiting CVE-2022-26134 remote code execution (RCE) flaw in Atlassian Confluence Server and Data Center. Multiple ransomware groups are actively exploiting the recently disclosed remote code execution (RCE) vulnerability, tracked as CVE-2022-26134 , affecting Atlassian Confluence Server and Data Center.

Ransomware 145

Ransomware Encryption Malware Hacking 145

Security Affairs

NOVEMBER 1, 2022

Ransomware activity report: Threat actors are selling access to hundreds of organizations, with a cumulative requested price of around $4M. KELA identified around 600 victims by analyzing ransomware actors’ blogs and negotiation portals, data leak sites and public reports. SecurityAffairs – hacking, cybercrime).

Ransomware 122

Ransomware Cybercrime Hacking Information Security 122

SecureList

MAY 11, 2022

Ahead of the Anti-Ransomware Day, we summarized the tendencies that characterize ransomware landscape in 2022. This year, ransomware is no less active than before: cybercriminals continue to threaten nationwide retailers and enterprises , old variants of malware return while the new ones develop.

Ransomware 141

Ransomware Encryption Malware Cybercrime 141

Krebs on Security

MARCH 7, 2022

Three stories here last week pored over several years’ worth of internal chat records stolen from the Conti ransomware group, the most profitable ransomware gang in operation today. penned a two-part analysis on why smart contracts will make ransomware more profitable. “I think it will help us with smart contracts.”

Ransomware 279

Ransomware Cryptocurrency DDOS Scams 279

Digital Shadows

JULY 11, 2022

The second quarter of 2022 was a significant and highly active quarter for ransomware gangs. The post RANSOMWARE IN Q2 2022: RANSOMWARE IS BACK IN BUSINESS first appeared on Digital Shadows. We saw a noticeable rise.

Ransomware 125

Ransomware Cybercrime 125

Security Affairs

JUNE 6, 2025

Qilin ransomware now exploits Fortinet vulnerabilities to achieve remote code execution on impacted devices. Threat actors are actively exploiting Fortigate vulnerabilities (CVE-2024-21762, CVE-2024-55591, and others) to deploy Qilin ransomware. CISA confirmed that the flaw CVE-2025-24472 is known to be used in ransomware campaigns.

Ransomware 78

Ransomware Authentication Firewall Healthcare 78

Security Affairs

FEBRUARY 17, 2025

On February 11, 2025, the US, UK, and Australia sanctioned a Russian bulletproof hosting services provider and two Russian administrators because they supported Russian ransomware LockBit operations. The law enforcement revealed that Zservers’ servers were in Amsterdam, and cybercrime groups like Conti and LockBit used the platform.

Cybercrime 74

Cybercrime Ransomware Hacking Advertising 74

Security Affairs

MARCH 7, 2024

The FBI Internet Crime Complaint Center (IC3) 2023 report states that reported cybercrime losses reached $12.5 The 2023 Internet Crime Report published the FBI’s Internet Crime Complaint Center (IC3) reveals that reported cybercrime losses reached $12.5 The figure marks a 22% surge in reported losses compared to 2022.

Cybercrime 141

Cybercrime Internet Internet Scams 141

Security Affairs

JANUARY 11, 2025

According to the indictment, the defendants operated cryptocurrency mixers that served as safe havens for laundering criminally derived funds, including the proceeds of ransomware and wire fraud, said Principal Deputy Assistant Attorney General Brent S. were allegedly used for laundering funds from ransomware and cybercrimes.

Cybercrime 75

Cybercrime Cryptocurrency Hacking Ransomware 75

Krebs on Security

AUGUST 29, 2023

government today announced a coordinated crackdown against QakBot , a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. Emerging in 2007 as a banking trojan, QakBot (a.k.a. Today’s operation is not the first time the U.S. ” The DOJ said it also recovered more than 6.5

Hacking 315

Hacking Malware Ransomware Government 315

SecureList

AUGUST 1, 2024

Introduction Cybercriminals who specialize in ransomware do not always create it themselves. They have many other ways to get their hands on ransomware samples: buying a sample on the dark web, affiliating with other groups or finding a (leaked) ransomware variant. You will find a few excerpts from these below.

Ransomware 123

Ransomware Cybercrime Education Malware 123

SecureWorld News

MARCH 15, 2023

Alright, how many of you saw a cryptocurrency ad on TV in 2022? The FBI's Internet Crime Complaint Center (IC3) has released its 2022 Internet Crime Report , which reveals the trends and impacts of cybercrime in the United States. However, phishing schemes were not the most costly type of cybercrime in terms of financial losses.

Cybercrime 136

Cybercrime Scams Cryptocurrency Identity Theft 136

The Last Watchdog

JUNE 20, 2022

I had the chance at RSA Conference 2022 to visit with John Shier, senior security advisor at Sophos, a security software and hardware company. IABs specialize in one specific area of the cybercrime ecosystem where the victims are accumulated and then sold off to the highest bidder,” he says. Teeming criminal activity.

Ransomware 235

Ransomware Digital transformation Marketing Software 235

Security Affairs

JULY 18, 2024

The cybercrime group FIN7 is advertising a security evasion tool in multiple underground forums, cybersecurity company SentinelOne warns. The researchers noticed that the tool has been used by various ransomware operations, including AvosLocker , MedusaLocker, BlackCat , Trigona , and LockBit. in cybercrime forum.

Advertising 142

Advertising Cybercrime Hacking Ransomware 142

Krebs on Security

OCTOBER 31, 2022

A 26-year-old Ukrainian man is awaiting extradition from The Netherlands to the United States on charges that he acted as a core developer for Raccoon , a popular “malware-as-a-service” offering that helped paying customers steal passwords and financial data from millions of cybercrime victims. According to the U.S.

Malware 341

Malware Identity Theft Cybercrime Accountability 341

Security Affairs

FEBRUARY 11, 2025

Authorities dismantled the 8Base ransomware gang, shutting down its dark web data leak and negotiation sites. An international law enforcement operation, codenamed Operation Phobos Aetor, dismantled the 8Base ransomware gang. The ransomware component is then decrypted and loaded into the SmokeLoader process memory.

Ransomware 74

Ransomware Encryption Backups Malware 74

Security Affairs

APRIL 30, 2025

Since mid-2022, theyve deployed RomCom via spear-phishing for espionage, lateral movement, and data theft. Subsequently, to provide coverage for this data theft, they deploy ransomware onto the machine, encrypting all the data and demanding a ransom (T1486 – Data Encrypted for Impact). ” continues the report.

Encryption 103

Encryption Ransomware Malware Phishing 103

Krebs on Security

JANUARY 30, 2024

technology companies during the summer of 2022. stole at least $800,000 from at least five victims between August 2022 and March 2023. 2022 that an intrusion had exposed a “limited number” of Twilio customer accounts through a sophisticated social engineering attack designed to steal employee credentials.

Social Engineering 359

Social Engineering Mobile Cybercrime Passwords 359

Krebs on Security

SEPTEMBER 13, 2023

In December 2022, KrebsOnSecurity broke the news that a cybercriminal using the handle “ USDoD ” had infiltrated the FBI ‘s vetted information sharing network InfraGard , and was selling the contact information for all 80,000 members. But on Sept. defense contractors. USDoD’s avatar used to be the seal of the U.S.

Cybercrime 344

Cybercrime Passwords Authentication Malware 344

Krebs on Security

FEBRUARY 9, 2023

Authorities in the United States and United Kingdom today levied financial sanctions against seven men accused of operating “ Trickbot ,” a cybercrime-as-a-service platform based in Russia that has enabled countless ransomware attacks and bank account takeovers since its debut in 2016. companies and government entities.

Hacking 250

Hacking Cybercrime Ransomware Government 250

Security Affairs

MARCH 5, 2025

Ransomware group Hunters International claims to have hacked Tata Technologies, threatening to leak 1.4 The Hunters International ransomware group claimed to have breached the Indian multinational technology company Tata Technologies, a Tata Motors subsidiary. The gang claims to have breached the corporate network on October 3rd, 2022.

Technology 110

Technology Ransomware Engineering Manufacturing 110