Ransomware group ‘Hades’ claims more victims as investigators seek answers

A ransomware group that targets billion-dollar companies — but that has stubbornly defied attribution consensus among cybersecurity researchers — has claimed at least seven victims since its discovery late last year. What’s more, it has taken additional steps in an apparent bid to baffle investigators who have tried to pin down who, exactly, the operators are, according to Accenture Security research released Tuesday. The update on the operators of the self-proclaimed Hades ransomware variant adds to its mystery as much as it subtracts from it. Accenture said it “is not yet able to confidently make attribution claims,” though other researchers have variously described Hades as a new group, suggested it is connected to a well-known Russian ransomware gang, or linked the Hades activity to a Chinese nation-state hacking outfit thought to be behind this year’s Microsoft Exchange Server attack. What Accenture says it knows is this: First, the Hades […]

The post Ransomware group ‘Hades’ claims more victims as investigators seek answers appeared first on CyberScoop.

Burgeoning ransomware gang Avaddon appears to shut down, mysteriously

A ransomware gang has apparently disappeared just as its fortunes were rising. Ransomware experts said Avaddon shut down as of Friday. The operators left no explanation for why they might have done so, and they’re letting their remaining victims off the hook. Avaddon sent Bleeping Computer 2,934 decryption keys, after which the security firm Emsisoft produced a free, public decryption tool. After last month’s ransomware attack on Colonial Pipeline caused disruptions in the U.S. on fuel delivery, Avaddon became one of the most prolific posters of victim data to its extortion site, compared to other such groups. “This is great news,” tweeted Allan Liska, a Recorded Future analyst specializing in ransomware. “Avaddon was considered a second tier ransomware operator, but since the Colonial Pipeline attack they have been tied with Conti in terms of number of victims posted to their extortion site.” But with success has come attention. The FBI […]

The post Burgeoning ransomware gang Avaddon appears to shut down, mysteriously appeared first on CyberScoop.

Ransomware strikes AXA shortly after insurer announces it will stop covering extortion fees

Ransomware gangs have now struck two cybersecurity insurers in as many months, with AXA confirming over the weekend that an attack had affected its Asian operations. AXA joins CNA Insurance, which in April confirmed that a ransomware incident had forced the company to take its operations offline. The attack on AXA, though, comes shortly after the French insurer said it would no longer reimburse ransomware payments under new policies it writes in that country, although a source familiar with the attack said there was no connection between AXA’s decision and the attack on its own networks. The so-called Avaddon ransomware operators posted screenshots of information online that they said they obtained from AXA’s Asia Assistance subsidiary. The screenshots include a claim that the operators stole three terabytes of data, such as customer medical reports and claims, customer IDs and bank account papers, payments to customers and other health information. “Asia […]

The post Ransomware strikes AXA shortly after insurer announces it will stop covering extortion fees appeared first on CyberScoop.

Avaddon ransomware gang: ‘We stole 3TB of French AXA Group data’

By Waqas
The Avaddon ransomware gang is threatening to carry out DDoS attacks and a data leak if AXA does not cooperate with the attackers.
This is a post from HackRead.com.

DarkSide Ransomware Gang Quits After Servers, Bitcoin Stash Seized

The DarkSide ransomware affiliate program responsible for the six-day outage at Colonial Pipeline this week that led to fuel shortages and price spikes across the country is running for the hills. The crime gang announced it was closing up shop after its servers were seized and someone drained funds from an account the group uses to pay affiliates.

Avaddon hackers steal SIM card data from Telstra service provider

By Waqas
Hackread.com can confirm that hackers from the Avaddon ransomware gang are claiming to have gained access to “tens of thousands” of SIM cards.
This is a post from HackRead.com.

Phorpiex Botnet Named “Most Wanted Malware” in November 2020

The Phorpiex botnet earned the notorious designation of “most wanted malware” for the month of November 2020. In its Global Threat Index for November 2020, Check Point Research revealed that it had observed a surge in new Phorpiex botnet infections tha…

Ransomware Attackers Buy Network Access in Cyberattack Shortcut

Network access to various industries is being offered in underground forums at as little as $300 a pop – and researchers warn that ransomware groups like Maze and NetWalker could be buying in.