Cerber – WindowsTechs.com

How Did Authorities Identify the Alleged Lockbit Boss?

Posted on May 13, 2024 by BrianKrebs

Last week, the United States joined the U.K. and Australia in sanctioning and charging a Russian man named Dmitry Yuryevich Khoroshev as the leader of the infamous LockBit ransomware group. LockBit’s leader “LockBitSupp” claims the feds named the wrong guy, saying the charges don’t explain how they connected him to Khoroshev. This post examines the activities of Khoroshev’s many alter egos on the cybercrime forums, and tracks the career of a gifted malware author who has written and sold malicious code for the past 14 years. Continue reading How Did Authorities Identify the Alleged Lockbit Boss?→

Ransomware Gangs and the Name Game Distraction

Posted on August 5, 2021 by BrianKrebs

It’s nice when ransomware gangs have their bitcoin stolen, malware servers shut down, or are otherwise forced to disband. We hang on to these occasional victories because history tells us that most ransomware moneymaking collectives don’t go away so much as reinvent themselves under a new name, with new rules, targets and weaponry. Indeed, some of the most destructive and costly ransomware groups are now in their third incarnation over as many years.

Reinvention is a basic survival skill in the cybercrime business. Among the oldest tricks in the book is to fake one’s demise or retirement and invent a new identity. A key goal of such subterfuge is to throw investigators off the scent or to temporarily direct their attention elsewhere.

Cybercriminal syndicates also perform similar disappearing acts whenever it suits them. These organizational reboots are an opportunity for ransomware program leaders to set new ground rules for their members — such as which types of victims aren’t allowed (e.g., hospitals, governments, critical infrastructure), or how much of a ransom payment an affiliate should expect for bringing the group access to a new victim network. Continue reading Ransomware Gangs and the Name Game Distraction→

This Service Helps Malware Authors Fix Flaws in their Code

Posted on May 18, 2020 by BrianKrebs

Almost daily now there is news about flaws in commercial software that lead to computers getting hacked and seeded with malware. But the reality is most malicious software also has its share of security holes that open the door for security researchers or ne’er-do-wells to liberate or else seize control over already-hacked systems. Here’s a look at one long-lived malware vulnerability testing service that is used and run by some of the Dark Web’s top cybercriminals. Continue reading This Service Helps Malware Authors Fix Flaws in their Code→

This Service Helps Malware Authors Fix Flaws in their Code

Posted on May 18, 2020 by BrianKrebs

GandCrab and Cerber Viruses – Made by The Same Devs?

Posted on October 1, 2018 by Vencislav Krustev

The massive wave of GandCrab ransomware has sprung in series of versions that feature minor improvements. The virus cannot be stoped and it is become more and more widespread. But recent similarities with the versions of the virus raise one…Read more… Continue reading GandCrab and Cerber Viruses – Made by The Same Devs?→

Office 365 ransomware

Posted on February 26, 2018 by DHarley

I just came across an article for HelpNet by Jeff Erramouspe (Spanning Cloud) on How to protect Office 365 data from ransomware attacks. Not a technical article, but not bad advice, and I haven’t publicized a how-to article on ransomwar… Continue reading Office 365 ransomware→

Washington DC’s surveillance cameras hacked… to send spam

Posted on December 22, 2017 by Taylor Armerding

Everything and everybody is hackable – and that includes Big Brother Continue reading Washington DC’s surveillance cameras hacked… to send spam→

5 Romanian ransomware distributors arrested after police raid

Posted on December 21, 2017 by Lisa Vaas

Five suspects; two ransomware strains; victims identified in both Europe and the US – cops swoop! Continue reading 5 Romanian ransomware distributors arrested after police raid→

Europol releases dramatic video of Romanians arrested for spreading CTB Locker and Cerber ransomware

Posted on December 21, 2017 by Filip Truta

As part of an extensive law enforcement operation called “Bakovia,” Romanian authorities on Wednesday arrested five individuals suspected of infecting tens of thousands of computers across Europe and the United States using the infamous Ran… Continue reading Europol releases dramatic video of Romanians arrested for spreading CTB Locker and Cerber ransomware→

Ransomware updates

Posted on December 20, 2017 by DHarley

(1) Raj Samani, Chief Scientist at McAfee, describes an attempt to explore the motivations that drive ransomware gangs. Why ransomware? Let’s ask the bad guys Perhaps the most useful and interesting fact to emerge from these exchanges … Continue reading Ransomware updates→