Who Wrote the ALPHV/BlackCat Ransomware Strain?

In December 2021, researchers discovered a new ransomware-as-a-service named ALPHV (a.k.a. “BlackCat”), considered to be the first professional cybercrime group to create and use a ransomware strain in the Rust programming language. In this post, we’ll explore some of the clues left behind by the developer who was reputedly hired to code the ransomware variant.

State Department offers $10 million reward for help identifying DarkSide ringleaders

The State Department on Thursday announced a $10 million bounty for information on the location of leaders of the DarkSide ransomware gang, and $5 million for information that leads to the arrest or conviction of any affiliates of the group. DarkSide in May hacked fuel provider Colonial Pipeline, forcing the company to shut down its operations, resulting in panic-buying at gas stations in some areas of the U.S. ahead of Memorial Day weekend. The Justice Department retrieved $2.3 million of the nearly $5 million ransom payment Colonial Pipeline made to the Russian-speaking hackers. “In offering this reward, the United States demonstrates its commitment to protecting ransomware victims around the world from exploitation by cybercriminals,” State Department spokesperson Ned Price said in a statement. “The United States looks to nations who harbor ransomware criminals that are willing to bring justice for those victim businesses and organizations affected by ransomware.” Only the […]

The post State Department offers $10 million reward for help identifying DarkSide ringleaders appeared first on CyberScoop.


BlackMatter ransomware gang is reportedly quitting operation

By Waqas
BlackMatter ransomware gang, which is believed to be a rebrand of DarkSide, has decided to end the project, giving in to the pressures of the local law enforcement authorities.
This is a post from HackRead.com.

The ‘Groove’ Ransomware Gang Was a Hoax

A number of publications in September warned about the emergence of “Groove,” a new ransomware group that called on competing extortion gangs to unite in attacking U.S. government interests online. It now appears that Groove was all a big hoax designed to toy with security firms and journalists.

A Russian-speaking ransomware gang says it hacked the National Rifle Association

A ransomware group known as Grief claimed on Wednesday to have hacked the National Rifle Association, releasing 13 documents allegedly belonging to the organization and threatening to release more if the NRA doesn’t pay an extortion fee of an undisclosed sum. The documents previewed on Grief’s leak site include grant applications and minutes from a meeting. The group claims to possess more documents. However, ransomware actors have been known to exaggerate the amount of data obtained in a hack. CyberScoop has not independently verified the documents. An NRA spokesperson declined to comment when reached by phone. Multiple researchers have said that Grief is affiliated with the Russian ransomware group Evil Corp. Evil Corp.’s involvement could potentially put the NRA at risk of violating U.S. sanctions if it pays the attackers after the Treasury Department sanctioned that gang in 2019. The Justice Department also charged two Evil Corp. members with criminal […]

The post A Russian-speaking ransomware gang says it hacked the National Rifle Association appeared first on CyberScoop.


Candy corn producer says ransomware incident ‘not likely’ to sour Halloween supplies

A major U.S. candy-maker says it’s returning to service after a ransomware incident in which intruders interrupted operations at some facilities just weeks before Halloween. Chicago-based Ferrara Candy — the parent company of Lemonheads, Atomic Fireballs, Keebler and others — said attackers hit the firm with ransomware on Oct. 9, encrypting systems. Specific details about the breach are sparse, though Ferrara says the incident is not likely to affect Halloween candy supplies, as much of the trick-or-treating inventory had already shipped to retailers prior to the hack. Ferrara also produces Brach’s candy corn. Law enforcement is investigating the matter, and outside experts continue to help restore systems, the company said. “We have resumed production in select manufacturing facilities, and we are shipping from all our distribution centers across the country, near to capacity,” Ferrara said in an Oct. 19 statement. “We are also now working to process all orders in […]

The post Candy corn producer says ransomware incident ‘not likely’ to sour Halloween supplies appeared first on CyberScoop.


NSA, DHS shine light on BlackMatter ransomware threat to food industry, demands of up to $15 million

A government advisory published Monday warned that BlackMatter ransomware attackers are going after U.S. critical infrastructure, including food and agriculture organizations, and demanding exorbitant payouts. It’s the latest joint alert from the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, the FBI and the National Security Agency, this time about a form of ransomware that first emerged in July. It comes just days after a similar alert about ransomware threats to water and wastewater facilities. It’s also part of a recent push by federal security agencies to put a focus on the food and agriculture sector. “This advisory highlights the evolving and persistent nature of criminal cyber actors and the need for a collective public and private approach to reduce the impact and prevalence of ransomware attacks,” said Eric Goldstein, executive assistant director for cybersecurity at CISA. BlackMatter seeks between $80,000 and $15 million in cryptocurrency, including bitcoin and Monero, […]

The post NSA, DHS shine light on BlackMatter ransomware threat to food industry, demands of up to $15 million appeared first on CyberScoop.


Olympus probes apparent cyberattack, its second in less than a month

Japanese technology manufacturer Olympus announced Tuesday that it was investigating “a potential cybersecurity incident” affecting IT systems in the U.S., Canada and Latin America. The Oct. 12 statement was light on detail but said the “incident” was detected Sunday, Oct. 10. The Tokyo-based company has offices and subsidiaries around the world, which produce and sell equipment such as medical devices and various microscopes. The issue comes nearly a month after the company was the victim of a ransomware attack affecting its business units in Europe, the Middle East and Africa. That incident was reportedly the work of an attacker affiliated with the BlackMatter ransomware group, one of the successor groups of DarkSide, the Russia-based gang behind the Colonial Pipeline attack in May, which became a major discussion point between President Joe Biden and Russian President Vladimir Putin during a bilateral summit in June. BlackMatter is also linked to REvil, another prolific […]

The post Olympus probes apparent cyberattack, its second in less than a month appeared first on CyberScoop.
