Notorious hacking group FIN7 adds ransomware to its repertoire

Ransomware strains such as Maze, Ryuk and BlackCat have increasingly been part of FIN7’s playbook in recent years, Mandiant says.

The post Notorious hacking group FIN7 adds ransomware to its repertoire appeared first on CyberScoop.


Ransomware spree hitting European oil, transport companies

European oil and transportation services have spent all week under attack by ransomware. The latest victim, aviation services company Swissport, announced Friday that ransomware struck part of its IT infrastructure, causing flight delays and knocking its website offline. The company said last month that in 2019, it fueled 2.3 million flights, and claims 2,000 employees at 40 airports across six countries.

⚠️ A part of #Swissport’s IT infrastructure was subject to a ransomware attack. The attack has been largely contained, and we are working actively to fully resolve the issue as quickly as possible. Swissport regrets any impact the incidence has had on our service delivery. — Swissport (@swissportNews) February 4, 2022

The announcement comes one day after reports of attacks on oil port terminals in Belgium and the Netherlands. Earlier this week, two German oil companies became ransomware victims as well, forcing one of the companies into operating at […]

The post Ransomware spree hitting European oil, transport companies appeared first on CyberScoop.


State Department offers $10M for information on Iranian election interference

The State Department is offering a $10 million reward for information on two Iranian hackers who allegedly participated in state-sponsored cyber operations designed to interfere with the 2020 U.S. presidential election. The two individuals, Seyyed Mohammad Hosein Musa Kazemi, 24, and Sajjad Kashian, 27, were charged with computer fraud, voter intimidation and transmission of interstate threats according to a federal indictment unsealed in November. The activity took place between August 2020 and November 2020. The State Department is offering the reward under its “Rewards for Justice” program, which has posted equal bounties for information about ransomware groups DarkSide and REvil. The indictment of the Iranians painted a picture of an extensive operation aimed at fomenting partisan divides ahead of the 2020 election. The campaign included allegedly sending threatening emails to Florida Democrats aimed at intimidating them into voting for Trump, while posing as the right-wing nationalist group Proud Boys. U.S. […]

The post State Department offers $10M for information on Iranian election interference appeared first on CyberScoop.


Who Wrote the ALPHV/BlackCat Ransomware Strain?

In December 2021, researchers discovered a new ransomware-as-a-service named ALPHV (a.k.a. “BlackCat”), considered to be the first professional cybercrime group to create and use a ransomware strain in the Rust programming language. In this post, we’ll explore some of the clues left behind by the developer who was reputedly hired to code the ransomware variant.

At Request of U.S., Russia Rounds Up 14 REvil Ransomware Affiliates

The Russian government said today it arrested 14 people accused of working for “REvil,” a particularly aggressive ransomware group that has extorted hundreds of millions of dollars from victim organizations. The Russian Federal Security Service (FSB) said the actions were taken in response to a request from U.S. officials, but many experts believe the crackdown is part of an effort to reduce tensions over Russian President Vladimir Putin’s decision to station 100,000 troops along the nation’s border with Ukraine.

Who is the Network Access Broker ‘Wazawaka?’

In a great many ransomware attacks, the criminals who pillage the victim’s network are not the same crooks who gained the initial access to the victim organization. More commonly, the infected PC or stolen VPN credentials the gang used to break in were purchased from a cybercriminal middleman known as an initial access broker. This post examines some of the clues left behind by Wazawaka, the handle chosen by a major access broker in the Russian-speaking cybercrime scene.

US offers $10m reward for decisive info on DarkSide ransomware gang

By Waqas
The US is offering $10 million to anyone who can provide information to law enforcement authorities on the infamous DarkSide ransomware gang that may help in locating and arresting its operators.
This is a post from HackRead.com

State Department offers $10 million reward for help identifying DarkSide ringleaders

The State Department on Thursday announced a $10 million bounty for information on the location of leaders of the DarkSide ransomware gang, and $5 million for information that leads to the arrest or conviction of any affiliates of the group. DarkSide in May hacked fuel provider Colonial Pipeline, forcing the company to shut down its operations, resulting in panic-buying at gas stations in some areas of the U.S. ahead of Memorial Day weekend. The Justice Department retrieved $2.3 million of the nearly $5 million ransom payment Colonial Pipeline made to the Russian-speaking hackers. “In offering this reward, the United States demonstrates its commitment to protecting ransomware victims around the world from exploitation by cybercriminals,” State Department spokesperson Ned Price said in a statement. “The United States looks to nations who harbor ransomware criminals that are willing to bring justice for those victim businesses and organizations affected by ransomware.” Only the […]

The post State Department offers $10 million reward for help identifying DarkSide ringleaders appeared first on CyberScoop.


NSA, DHS shine light on BlackMatter ransomware threat to food industry, demands of up to $15 million

A government advisory published Monday warned that BlackMatter ransomware attackers are going after U.S. critical infrastructure, including food and agriculture organizations, and demanding exorbitant payouts. It’s the latest joint alert from the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, the FBI and the National Security Agency, this time about a form of ransomware that first emerged in July. It comes just days after a similar alert about ransomware threats to water and wastewater facilities. It’s also part of a recent push by federal security agencies to put a focus on the food and agriculture sector. “This advisory highlights the evolving and persistent nature of criminal cyber actors and the need for a collective public and private approach to reduce the impact and prevalence of ransomware attacks,” said Eric Goldstein, executive assistant director for cybersecurity at CISA. BlackMatter seeks between $80,000 and $15 million in cryptocurrency, including bitcoin and Monero, […]

The post NSA, DHS shine light on BlackMatter ransomware threat to food industry, demands of up to $15 million appeared first on CyberScoop.
