Collaborate Disseminate
“Up to $10 million for information that leads to the arrest and/or conviction of this defendant.” Continue reading US offers $10m bounty for Russian ransomware suspect outed in indictment
A new cybercrime outfit calling itself RA GROUP is just the latest to take advantage of leaked Babuk ransomware source code.
The post Ransomware group claims 2.5 terabytes of stolen data less than a month after emerging online appeared first on CyberScoop.
A new cybercrime outfit calling itself RA GROUP is just the latest to take advantage of leaked Babuk ransomware source code.
The post Ransomware group claims 2.5 terabytes of stolen data less than a month after emerging online appeared first on CyberScoop.
In January, KrebsOnSecurity examined clues left behind by “Wazawaka,” the hacker handle chosen by a major ransomware criminal in the Russian-speaking cybercrime scene. Wazawaka has since “lost his mind” according to his erstwhile colleagues, creating a Twitter account to drop exploit code for a widely-used virtual private networking (VPN) appliance, and publishing bizarre selfie videos taunting security researchers and journalists.
In last month’s story, we explored clues that led from Wazawaka’s multitude of monikers, email addresses, and passwords to a 30-something father in Abakan, Russia named Mikhail Pavlovich Matveev. This post concerns itself with the other half of Wazawaka’s identities not mentioned in the first story, such as how Wazawaka also ran the Babuk ransomware affiliate program, and later became “Orange,” the founder of the ransomware-focused Dark Web forum known as “RAMP.” Continue reading Wazawaka Goes Waka Waka
A number of publications in September warned about the emergence of “Groove,” a new ransomware group that called on competing extortion gangs to unite in attacking U.S. government interests online. It now appears that Groove was all a big hoax designed to toy with security firms and journalists. Continue reading The ‘Groove’ Ransomware Gang Was a Hoax
There is some more good news for those who have fallen foul of ransomware.
Czech security firm Avast has developed decryption utilities for victims of not one, not two, but three different ransomware strains – meaning that victims who have been hit … Continue reading Free decryption tools for AtomSilo, Babuk, and LockFire ransomware released by Avast
Another new ransomware gang is making waves with an unconventional structure, its unique pedigree and an early victim. A coalition of researchers on Thursday explained what makes Groove, a gang that quietly emerged in July with a website, different: Namely, it eschews the traditional ransomware-as-a-service hierarchy in favor of an opportunistic pledge that they’ll work with anyone as long as there’s money to be made. The researchers — from McAfee, Intel 471 and Coveware — traced the group’s origins to a likely split with the Babuk gang, part of a trend of turmoil within extortion groups that use the ransomware-as-a-service (RaaS) model where affiliates get to use an outfit’s malware in exchange for sharing profits. For instance, a disgruntled former Conti affiliate recently leaked the group’s attack playbook. Already, there’s evidence the researchers uncovered that Groove has worked with another ransomware gang, BlackMatter, that likewise recently emerged. That group is […]
The post Groove ransomware gang is a motley crew of disgruntled hackers, researchers say appeared first on CyberScoop.
Continue reading Groove ransomware gang is a motley crew of disgruntled hackers, researchers say
Straight from the researchers at Intel 471 comes this pro tip for cybersecurity teams inside organizations: Being proactive about what the cybercriminal underground is learning and how it’s behaving can help you pinpoint solutions for your secur… Continue reading Why RaaS Has Become Easier to Launch
Authorities in Ukraine this week charged six people alleged to have been part of the CLOP ransomware group, a cybercriminal gang said to have extorted more than half a billion dollars from victims. Some of CLOP’s victims this year alone include Stanford University Medical School, the University of California, and University of Maryland. Continue reading Ukrainian Police Nab Six Tied to CLOP Ransomware
The Babuk ransomware gang is reinventing itself. It says it’s no longer interested in encrypting victims’ data, but will be focusing on stealing information instead.
Read more in my article on the Hot for Security blog. Continue reading Babuk ransomware gang says it’s no longer interested in encrypting data, would rather kidnap it instead